Oregon’s Roseburg School District made the news last month when they were the victims of a ransomware attack. The compromise from the attack was discovered on May 5, 2018. The school district spent the next three weeks exhausting all efforts to decrypt the hackers’ software holding years’ worth of the school district’s data hostage. In the end, they made the tough decision to pay the ransom to restore their data so they could continue with their day-to-day operations.
Ransomware is malicious software hackers place on your computer so they can encrypt your data and then demand payment from you to regain access to your files. Hackers use a variety of methods to install vectors to infect a machine – phishing emails, unpatched programs and firewalls, compromised websites, smart devices, online advertising and “free” software downloads.
Not only can ransomware encrypt the files on your computer, the software is smart enough to travel across your network and encrypt any files located on shared network drives. This can lead to the catastrophic situation whereby one infected computer can bring an entire company to a halt.
Ransomware hackers do not discriminate by company size. Of targeted cyberattacks, 60 percent hit small- and medium-sized businesses. Everyone is susceptible. But there are some things you can do to minimize your risk of attack:
Train your employees to be human firewalls
The most common security incidents are those caused by employees not following cybersecurity best practices. Cybercriminals are quite crafty in fooling their victims to open the gate and let them in. Consistently train and test your employees on how to spot and thwart attacks to greatly reduce your risk. There are services that can provide this training.
Create a fortress of protection
Firewalls, intrusion protection programs and anti-virus/anti-malware/anti-ransomware coupled with network monitoring for anomalies, will keep most malicious attacks from reaching you.
Religiously patch
Keep programs, operating systems, firewalls and hardware up to date always. And I do mean ALWAYS. Your IT staff or outsourced IT company should be using Remote Monitoring and Maintenance (RMM) software so that this is done automatically.
Have weapons-grade backups
Consistently backup your files and regularly test restore procedures. Backups can either be on-site or in the cloud, but to help prevent your backups from being compromised, you should always have an off-site or redundant backup in place. Having off-site and recent backups is a standard best practice to not only protect you against ransom attacks, but natural and other disasters. Be sure to test your restoration procedures quarterly to make sure your backed up files can be restored accurately.
Be smart about smart devices
The rise in popularity of smart devices comes with additional risk. If it’s connected to the internet, it can be hacked. Evaluate if the devices you are bringing into your network really need to be smart … does the benefit outweigh the risk? If you are using Internet of Things (IoT) devices, segment your network so they are separate from networks that contain sensitive information.
So, back to the Roseburg School District. What are they doing to shore up their network from future attacks? They announced they will be implementing new file backup protocols and have contracted for new firewall security systems.
With the proper tools, training and diligent cybersecurity practices you’ll make it much harder for your business to compromised. Stay safe out there!
Eric Olmsted is the president of On Line Support, a technology consulting firm headquartered in Vancouver, serving businesses in Washington, Oregon and South Dakota. Eric can be reached at (360) 993-0600 or eric@on-line-support.com.