Have you heard of WannaCry, Cryptolocker or Cryptowall? These, and other malware, cause ransomware attacks. That’s where someone steals your data and holds it hostage. Your data is worth far more than your hardware, so it can put any business into a spin.
You may think it won’t happen to your business—you’re too small to have anyone pick on you—but you need to be prepared. It can happen to your business. A survey conducted by Spiceworks found that one in five small businesses experienced an attack, with an average ransom of $2,423. If it doesn’t happen to you, it will probably happen to someone you know. And your business is at risk.
Just What Is a Ransomware Attack?
Using malware—in other words, a virus—your data is locked or stolen and you cannot get it back unless you pay a ransom and, unfortunately, paying up doesn’t even guarantee your data back. InfoWorld reports that you can’t trust criminals. The person who sends you the ransom note may not be the person who has your data, and even if he is, he may not return it to you. In fact, of the businesses that paid the ransom, only 45 percent got their data back.
How Can CEOs Prevent Such an Attack?
While the attacks hit 20 percent of small businesses, you can do things to reduce your risks. No More Ransom gives six things you can do to prevent a devastating attack.
- Back up your data.
- Use an up-to-date virus protection software and don’t disable heuristic functions.
- Keep all the software on your computer up to date. Those annoying Windows updates? Run them.
- Trust no one. Literally. Even if you know the person who sent the email, be careful about attachments.
- Enable the “show file extensions” option in the Windows settings on your computer. And educate your employees about what these extensions mean. Be cautious of anything ending in .exe, .vbs and .scr.
- Don’t be afraid to shut down your network if you detect an attack. Like any virus, it takes time to spread, so shut it down before it can get to everyone.
What Resources Can You Turn To?
There are many companies that are dedicated to preventing and protecting your business. Purchase high-quality virus software and keep it up to date. Make sure your IT department is up to date and can help keep all employees aware of what to look for. If you don’t have the need for a full-time IT person, make sure you don’t just trust this to the guy in marketing who is good with computers. It’s worth it to have a consultant available to help and double check your systems.
If you are attacked, it makes more sense to hire an expert to help you restore your systems than it does to pay money to a thief who may or may not return your data. There are some advantages to paying, though. TechAdvisor points out that the goal of a ransomware attack is to get money and remain anonymous. If you have your data back, you’re less likely to publicize your attack. After all, they are counting on the fact that you don’t want your clients to find out that their data was vulnerable. But, the current advice from the FBI is to not pay. They say it isn’t worth it.
Prevention is the best strategy. Make sure you’re prepared and your employees are educated and you’ll reduce your risk.