Blog | RTGroup.ca

How Small Business Can Be Proactive Against Ransomware Attacks

Written by Ian Robertson | Mar 26, 2024

 

Imagine that your good friend Jane runs a small marketing agency in Victoria, BC, that relies heavily on its digital data for client projects. One morning, she arrives at the office to find her computer screen flashing a message: “Your files have been encrypted. Pay $20,000 within 48 hours, or they will be permanently deleted.”

Panic sets in as Jane realizes her business’s entire database, including client contacts, project files and financial records, has been hijacked by ransomware.

In a twist akin to a payment deferment scheme, the nogoodniks offer Jane some options. Research done by the Palo Alto Networks’ Unit 42 reveals the evolving tactics of ransomware groups, including offering victims choices such as paying to delay data publication or deletion.

To increase pressure, these groups employ features like countdown timers and identity tags on their websites. It’s all designed to corner victims into complying with demands.

However, we strongly discourage paying ransom. It doesn’t ensure data retrieval, may lead to escalated demands and could result in legal consequences.

So, what can small businesses like Jane’s do to safeguard against ransomware attacks?

  1. Employee Education: You knew we were going to suggest this! Train staff to recognize phishing emails and suspicious links to mitigate the risk of infection.
  2. Regular Backups: Ensure secure backups of all critical data to avoid being at the mercy of bad actors (and we ain’t talking about James Franco here).
  3. System Updates: Keep all systems and software up-to-date with the latest security patches to address vulnerabilities.
  4. Network Segmentation: Segment networks to limit the spread of ransomware in case of device infection.
  5. Cybersecurity Investment: Invest in robust cybersecurity software and keep it updated to defend against evolving threats.
  6. Incident Response Plan: Develop a clear plan outlining steps to take in the event of a ransomware attack to minimize damage and facilitate recovery.

Paying ransom rarely improves the situation, and businesses that do often become repeat targets. Instead, prioritize proactive measures to bolster security and resilience against ransomware threats.

We’d be happy to have a chat about how you can boost your small- or medium-sized business’s defences against ransomware. Call us if you have questions or want to make a plan.