On Friday 12th May, a global coordinated ransomware Wana Decrypt0r 2.0 attack began, affecting thousands of large and small private and public sector businesses and putting dealing with cyber attacks in the spotlight.
The vast majority of media coverage on the attack has so far been centred around the impact it has had on the NHS and other large corporations, however, the experts at cybersecurity firm Secarma are concerned that small businesses won’t believe that they could be hit next with future attacks.
Almost 50 per cent of all cyber attacks happen to small business. The vast majority of ransomware attacks in particular – the same strain as Wana Decrypt0r 2.0 which forced the NHS to power-down – are directly targeting small businesses.
Why? Simply because the majority of small businesses have inadequate defence systems in place when it comes to dealing with cyber attacks, meaning that the attackers are much more likely to get in.
Once they’re in, the ransom amount for restoration is relatively ‘small’ in relation to the value of your business (ranging from £300-£1,500), and small business owners are more likely to pay up in order to return to normal as quickly as possible.
If your computer systems were hacked, how much money, time and reputation would your business lose as a result? Is it time to start thinking proactively about cyber security, instead of reactively?
Dealing with cyber attacks in five easy steps
Apply updates when they become available and implement a patching policy
Applying updates especially with security ones in a timely manner is essential. This goes for everything, from Windows updates as well as applications such as Adobe Reader.
Organisations should have a fully developed and agreed patching policy which includes a methodology to deal with emergency critical patches.
Back ups should be performed on a regular basis. Identify what your business-critical data actually is, and back it up to devices not connected to the internet. Ideally a back-up should be maintained off site.
Use quality antivirus software and keep it up to date
Virus definitions are normally updated at least once a day, ensure your virus database is updated regularly to protect against the latest threats. Utilise software which will scan in real time threats from emails, downloads and web browsing. To add depth to your defences consider adding additional malware scanning technology into your email chain.
Understand your network defences and have them tested
Your firewall is your first line of defence. Ensuring that you are aware of what data you let into and out of your organisation is crucial. Keeping your network devices and firewall rule set is equally as important. Engage in regular penetration testing and vulnerability scanning using a reliable 3rd party supplier of these services.
Train your staff
Given threats such as ransomware are on the increase it is even more important to establish a culture of security awareness. These attacks will only work if an employee is lured into clicking on a link or opening a malicious file from an untrusted source.
Experts at Secarma are following the recent Wana Decrypt0r 2.0 attack in real time, for more information on this click here.
Further information on dealing with cyber attacks
Nominations are now open for the British Small Business Awards, the leading event celebrating the brightest stars in the SME sector. Click here to enter, and make sure you get involved today using the hashtag #BSBAwards. Good luck!