Cybersecurity for the Year of Ransomware
You may have noticed on Monday that something was wrong with Facebook. If you did, you’re not alone. While Facebook was down for over five hours, many of its 3.5 billion users noticed, and the outage made global news. Since the event, we have learned that this was not a cyberattack, but simply an error that was compounded by Facebook’s own security measures. Once engineers were aware of the problem, it took them longer than expected to gain access to the company’s servers due to their rigorous physical security.
A simple error caused the massive outage, not the actions of cybercriminals. However, could you imagine how serious the consequences of a coordinated attack could be if this was just the result of innocent human error?
Cyber attacks are on the rise, and 2021 has been the year of Ransomware. The Colonial Pipeline attack earlier this year that led to gasoline shortages across the East Coast was precipitated by a ransomware attack, and other major companies have been victims as well, including Computer maker Acer, The National Basketball Association, and JBS Foods, one of the world’s largest meat distributors.
These are just a few of the events that have made headlines, but the biggest threat has been scarcely mentioned by the media. The brunt of ransomware attacks has been borne not by large corporations with deep pockets, but by small businesses. Somewhere between half and three quarters of all ransomware attacks have been targeted at small businesses, and the FBI reports that both the frequency of the attacks and the amount of ransom demanded have risen this year. The situation is made even worse by the fact that over half of all small businesses have no cyber protection in place.
If you were the victim of a ransomware attack today, what would be your first step? Would you know who to call, or how to get back up and running? Would you be prepared to pay a ransom of thousands, or hundreds of thousands of dollars in untraceable cryptocurrency to the perpetrators? Most businesses are not prepared to handle such a disaster, yet the odds that you will face one are much higher than that of a fire or theft.
Fortunately, there are ways to protect yourself and your business from these attacks.
Watch out for phishing. Most hacks start with a phishing email designed to trick an employee into clicking on a link that infects their system with malware. This allows the hackers to take over your systems and wreak havoc. Phishing emails can often be spotted by misspellings, poor grammar, and email addresses that do not actually belong to the company or person they claim to.
Don’t reuse passwords. Instead of relying on the same password for all of your logins, consider using a password manager. Such a program will create a new password for all of your different accounts, and remember them all. That way, you get the convenience of only remembering one password, without the security risks presented by reusing your password.
Use Multi-Factor authentication. MFA is now standard for most email providers, and is a strong defense against hacking attempts. Something as simple as having an access code texted to your phone when you login can deter many breaches.
Of course, no defense is ever perfect. This is why we recommend a Cyber Insurance Policy as well. With Cyber coverage, you have protection from ransom, a professional incident response team, and coverage to protect you from the legal liability of sensitive information being leaked by hackers. For comparatively little premium, you can protect yourself from one of the biggest threats to business today.
To learn more about Cyber Coverage, click here.