One of our clients was hit with a ransom ware attack. The attackers demanded 3 bit coins (approximately $150,000) . Fortunately they were prepared and did not pay the ransom but the attack did cause a disruption in their business
These attack are becoming more frequent and everyone needs to be prepared for an attack.
Our friend and IT consultant, Armando D’Accardo of CMIT Solutions of South Nassau, has helped us to be prepared and forwarded to us a list of five steps that need to be taken so that you can mitigate an attack and not be a victim of this extortion scheme.
How can you keep your business safe?
1. Back up your data.
Anne Neuberger, the White House’s Deputy National Security Adviser for Cyber and Emerging Technology, told reporters last week that Colonial was “in a difficult position if their data is encrypted and they do not have backups and cannot recover the data.” If the company had reliable data backups in place, it could have avoided the financial and reputational impact of paying $5 million in ransom and simply wiped its systems clean. This is the most critical step to avoid a data disaster that disrupts your company’s operations.
2. Make sure a recovery plan is in place, too.
This step is just as important as the previous one—after all, data backup is only as useful as the protocol in place to retrieve it. This is the only surefire way to foil a ransomware attack and keep your business up and running in the wake of a cyberattack. If you work with a trusted IT provider, you can outline and understand this plan in advance—before a serious issue affects your company. When it comes to critical infrastructure like gas pipelines, last week showed us the necessity of this kind of plan.
3. Assess and enhance your network security.
The key takeaway here is that one layer isn’t enough. Today’s businesses deserve a multi-tiered approach that combines firewalls, traffic analysis, remote desktop protocols, multi-factor authentication, and incident response to extend cybersecurity to all systems and devices. As hackers continue to refine their malware and ransomware attempts, IT providers like CMIT Solutions strive to stay one step ahead of new developments on the cybersecurity landscape.
4. Automatically update and patch all systems.
It’s not clear yet which of Colonial Pipeline’s systems were compromised by hackers. But many ransomware attacks in the past have been deployed against outdated operating systems and legacy applications that don’t have the latest security patches and software updates in place. Working with a trusted IT provider, this process can be automated to run behind the scenes, keeping your computers safe without interrupting your employees’ day-to-day work.
5. Provide ongoing training and education to your staff.
Many strains of ransomware target end-users, using cleverly spoofed emails or too-good-to-be-true web ads to trick them into clicking infected links or downloading malicious attachments. Understanding that these scam attempts are a matter of when, not if, your employees can be trained to recognize common ransomware tactics and phishing attempts, providing your company with another layer of defense. After the initial training, ongoing education is essential to keep your business ahead of the curve and mitigate any future threats.
We urge everyone to follow Armando’s recommendations. Please contact us if you need assistance or advice.
If you need any assistance please contact us.
Diapoules & Feinstein CPAs P.C.