How to protect your SME from Ransomware

Top tips to keep your data safe

Ransomware has been around for decades, but if this is an age-old problem why has it suddenly become a hot topic? We believe there are two main factors at play here. First of all the economic changes over the past 12 months have led cybercriminals to become more aggressive with their techniques and in turn, their methods have become more advanced. Secondly, with an entire country forced into remote and new ways of working, criminals have taken the opportunity to exploit chaos to gain access to otherwise relatively secure networks. 

 

We feel it’s important to highlight at this point that any business can become a victim of cybercrime. Phishing emails can be incredibly hard to spot and websites you use each day can become corrupted without your knowledge, leaving your data vulnerable. You may have heard of one scam in particular, the CEO scam, this phishing email is designed to mimic an email from an existing employee from within your organsiation in the hope of fooling an unsuspecting accounts or HR employee. The FBI are currently still investigating countless records of said scam and it is believed to have taken over $26billion* from innocent businesses across the world. But these cybercriminals don’t just target larger companies. A recent report by Beazley Breach Response found that UK SMEs were 71% more likely to be targeted as statistically they are more likely to be unprepared.

 

What are the most common types of ransomware?

Locker Ransomware – This kind of attack will freeze you out of your applications and device and deny you access to your data until you pay a release fee. 

Crypto RansomwareThis type is probably more familiar to most businesses. The ransomware will encrypt your data rendering it unreadable. Your business will then be prompted to make a payment, usually in Bitcoin, for a private decryption key that will let you regain access to your valuable data. 

 

All ransomware attacks can be catastrophic for any SME, rendering your operations completely dormant until a resolution is met. There is no fail-safe guarantee when it comes to protecting yourself against attacks and even companies that spend millions such as the NHS and Universities fall victim to ransomware. But what you can do is put your business in the best possible position to protect and recover if the worst should happen. 

 

Here are Monpellier’s top tips – 

Emails

Emails are the most common way cybercriminals gain access to your data. Always check the email was sent from a verified source (URL) and never fill in email forms, click links, or open attachments from unknown sources. You can also add a spam filter to your inbox as an extra layer of protection.    

 

Back-up

Your business’s best defence against malware is to continually back-up your data. It goes without saying that backing-up your business data is important but is it time to review your policies and back-up frequency? We recommend having two or three methods of back-up for your data. One of which could be stored in the cloud and another offsite to protect you against different types of attack. 

 

Operating Systems

Have you been ignoring your reminders? Yes, they are annoying but making sure all of your applications and software are up-to-date is important. If you have software that is no longer supported we would suggest you look at finding a new supported solution as cybercriminals often exploit security risks in older versions that are no longer maintained by the provider. 

 

Security 

Security comes in many different forms, from updating your passwords regularly to using two-factor authentication. In addition, to these daily security features, there are many cybersecurity management solutions on the market that your business may wish to consider. In conjunction with our partners at Trustack, we are able to advise on additional security packages to suit your needs and budget. 

 

Awareness 

This might sound like an obvious suggestion but you would be surprised at how many companies fall short due to what they presumed would be common sense. Keep all your employees up-to-date with your back-up policies, encourage regular password changes and share useful information relating to data security to keep everyone’s minds focused on safe practice.  

 

If you are currently using an accounting package that is outdated or unsupported check out our Business Owner’s Guide for replacing accounting software. 

 

If you want to talk to a member of the team about your current data processes drop us an email [email protected] or call us 0191 500 8150. 

 

* Knowbe4.com. 2021. CEO Fraud | KnowBe4. [online] Available at: <https://www.knowbe4.com/ceo-fraud#:~:text=CEO%20Fraud%20is%20a%20scam,sending%20out%20confidential%20tax%20information.&text=According%20to%20FBI%20statistics%2C%20CEO,now%20a%20%2426%20billion%20scam.> [Accessed 16 February 2021].

 

Comments are closed.