In fact, small businesses are easy prey for these cybercriminals as these businesses are more vulnerable due to the inadequate security measures they have implemented as they tend to lack the resources need to implement the full measures.
As a result, many businesses have lost millions in the past year alone due to ransomware. According to the 2021 incident response cases, the average ransom demanded was $2.2 million and that report is for US-based companies alone. This was noted to be a 144% increase from the average demand of $900,000 in 2020.
How can businesses defend themselves and successfully ward off ransomware attacks? PCMag has identified 9 ways for them to fight back:
Stay educated and up to date on ransomware risks. It’s important to keep abreast with the latest threats that have been identified and follow the guidelines presented to prevent becoming a victim of such ransomware. It is also important to ensure that ransomware protection software is updated as well.
Know what data is most vulnerable to lose. Identify the data that is at most risk in the event of a possible attack, where it is stored, and work on protecting the data through priority schedule backups and investing in offsite storage.
Make sure everyone is focused on security. Third parties, partners, and supply chain elements could all introduce ransomware risks so it is crucial that anyone who accesses company data is briefed about the security plans and precautions they should adhere to.
Review and test your incident response plan. It is of utmost priority for the business to designate specific individuals or teams who are on call and can work on getting things back to normal during a ransomware attack. There should also be identified limits as to how much the business is willing to pay the ransomware culprits if at all, to get their data back or how can it remain offline during a security incident. Identifying all these provides for more ample preparation and swift response, preventing possible issues because the company was caught off-guard by these attacks.
Identify exposed assets. Any information about the business and its people that is available to the public is in danger of being exposed in a data breach or used as fodder for ransom attacks. As such, social media accounts are prime ransomware targets. So it is critical that logins to these accounts are protected with complex passwords or have a password manager generate such passwords.
Identify and block potential threats. Keeping exploits, malware, and command-and-control traffic at bay denies cybercriminals the opportunity to target
Learn how to automate protection. Tools such as antivirus protection are effective in detecting ransomware threats early so you can respond and recover quickly.
Secure the cloud. The use of identity and access management software to secure cloud APIs is essential in thwarting not only current cybercriminal activity but also the activities that cybercriminals may employ in the future.
Reduce response time with retainers. Having incident response experts on speed dial is very handy as they can help set specific actions and, most especially, the budget for responding to a ransomware threat which can help in getting a business back on its feet in a short amount of time.