“I’m just a small business,” “What would they do with my company’s data anyways?” “There are plenty of bigger fish in the sea.” I’ve heard many excuses from executives and managers dismissing the need for effective cybersecurity, and these are just a few of them. In 2021, though, small- to medium-size businesses (SMBs) have become some of the highest-risk targets for cyberattack and specifically, ransomware. This is primarily due to the dismissal of risk and corresponding lack of protection, which makes SMBs very low-hanging fruit. With the increase in standardized IT infrastructure models, automated attack processes and credentials availability on the dark web, hackers now have the capability to attack and potentially take hostage the business data of even hundreds of businesses an hour. The question is no longer if your business’s IT will be attacked, but when.
As if losing access to your company’s important and sensitive data weren’t bad enough, a potentially bigger threat from ransomware comes in what the security community calls doxing. When a hacker takes away access to your files, they can use those files and info as additional leverage to get you to pay the ransom by threatening to dox you, which means releasing the data publicly on the internet. Private personnel information, internal IP addresses, financials, all that data is valuable for the ransom, but is doubly valuable to resell or trade it with other bad actors. Furthermore, paying the ransom does not guarantee that the attacker will delete your data. After all, how many cinematic pirates have you seen that are true to their word? Once a hacker has access to your business data, all bets are off.
Remember the SolarWinds attack last year? And more recently, the Kaseya attack? These are called supply-chain attacks, because they don’t just directly attack the target businesses, they attack the infrastructure used to manage those businesses’ IT. When hackers were able to compromise the platform used to connect to endpoints, this allowed them access to endpoints at not just one business, but thousands of businesses whose devices were connected to these platforms. Once the hackers gained access to these endpoints, they were able to cut them off from the end users and hold the data stored on them hostage until the end user paid a ransom to regain access.
Managed Service Providers (MSPs) who are savvy, such as Vermont Panurgy, are able to mitigate against any potential supply chain attacks by monitoring for any such threats and then quickly responding to cut off the hackers’ access until vulnerabilities are patched. For our business, additional “hardening” configurations (additional protection of the platform from unauthorized access) further increase both the security of managed endpoints, as well as the reliability of our management platform.
That said, ransomware is still and will always be a potential threat to all MSP clients. Effective, up-to-date network security and end-user training are the most effective prevention steps to fight back against this threat. Thankfully, unlike more traditional hostage situations, data can be backed up and encrypted, so even if a business does get infected with ransomware, recovery options are available without necessarily having to pay the ransom. This is likely why the #1 function outsourced to MSPs in a recent 2021 survey on IT operations is backup management. Businesses want to know that if they lose their data, they have a path to recovery that won’t cost them their hides.
Business Continuity is another critical concept, especially for companies that strategically cannot handle more than a few hours of downtime in the event of a successful ransomware attack. Business Continuity refers in part to strategies and technologies that create redundant infrastructures that can be spun up at a moment’s notice if access to the primary infrastructure is denied. It can reduce hours or days of downtime to just minutes, which is extremely important for businesses in critical sectors, such as infrastructure delivery (water management, electrical providers, internet providers, etc.) and healthcare.
What to do to safeguard your business? Recognize the vulnerabilities inherent in your business, which may include: not training your employees about security protocols, not activating a firewall, or ignoring firmware and security updates. Implement strategies to train and test your employees, patch the security holes, and reduce the risk that an attack will cripple your company. Finally, make sure your backup/continuity strategy is effective and robust enough so that when your business does get hacked, you will be able to get back up and running with minimal cost and downtime. Contact Vermont Panurgy today to discuss these threats and your options to stay safe!