Ransomware has emerged as one of the preeminent tools utilized by malicious actors who target the data of businesses around the world. In 2018, ransomware attacks have been on the rise. Following these critical guidelines can help mitigate the impact a breach will have on your business.
First Things First: Educating Employees
You probably already know not to open suspicious emails or click on links that look less than legitimate. That said, human nature prevails and it never fails that curiosity or carelessness get the better of some people in the line of work. Human negligence is one of the largest, if not the top, contributor to such compromising positions as viruses, malware, and ransomware. However, there are ways to mitigate risk if you should ever find yourself on the wrong end of a malicious data breach. Educating your workforce about certain email and filesharing policies can reduce risk before you encounter a breach. Conducting in-house phishing and penetration tests are other useful avenues to explore if you have the resources available. These can open up opportunities to have candid conversations about security in the workplace as well as work to identify shortcomings in your own security efforts.
Disconnect, But Don’t Unplug
One critical mistake Ransomware victims make time and again is rushing to shut down their machine at the sight of a ransomware prompt. This is a terrible response because it will make data forensics a much more arduous process for in-house or external teams attempting to unravel the source, extent, and possible resolution to the breach. In this case, disconnect affected machines from the internet, but do not turn them off.
This is a critical time and your response will dictate the course of your recovery from this unfortunate event. As with many stressful situations that emerge in life, panic rarely results in a favorable outcome. Keep your composure, collect the personnel necessary to evaluate the situation, and prepare to enact your response plan.
The Recovery Plan
You’ve been breached. This is the moment you prepared for. Follow the steps of your carefully designed plan and follow through on every step as you work towards a resolution.
There is no rubric when it comes to data breach recovery plans. Each instance is unique to each business. Sit down with your in-house security personnel or consult with an external team to develop the ideal plan of action should you fall victim to ransomware or another malicious incident targeting your sensitive data.
Evaluating Backup Data
If at this point in the scenario you have not prepared a recovery plan or create backups for your sensitive data, chances are you’re feeling uneasy about the future of operations, potential legal action, and your company’s reputation. However, this is only a hypothetical situation and you now have the idea in your head that creating a sound recovery plan in the event of a breach and backing up important files can’t wait until after the fact. Don’t wait until it’s too late to prepare your organization for a breach. Take steps towards preparing a disaster recovery plan and begin backing up your files regularly.
Call Data Forensics
Now is the time to perform an assessment with your in-house team or enlist data forensics professionals to determine the incident’s root cause, what, if any, data has been extricated from your systems, and if the malicious actor remains inside your system with unlimited access.
Contacting the federal authorities is another option that should be taken into consideration. Some cybersecurity consultants will tell you it’s a waste of time as the three-letter organizations get hundreds of reported ransomware events a day. Others will tell you it is imperative you contact federal authorities in the event you fall victim to ransomware. Alerting the authorities likely won’t have a detrimental effect on your status if you already found yourself the victim of a breach. Their experience and advice could put you on the right course to a speedy resolution.
Ransomware And Cybersecurity Checklist
- Commit an incident response plan to paper and practice it regularly, updating as necessary alongside new threats and security technologies as they emerge.
- Carry out ongoing penetration testing and vulnerability scanning. These are both examples of controlled probing of your own systems for chinks in your hardened systems’ armor.
- Keep your applications and operating systems up to date with the latest patches.
- Train your workforce in the best practices as they apply to cybersecurity. The largest contributor to breaches is human vulnerability.
- Continuously monitor your network integrity. This includes your anti-virus and malware protection software.
- Conduct quarterly or annual data audits and mapping to know where your sensitive data is, how it’s stored, and how best to protect it.
- Audit your external groups and accounts for vulnerabilities. Chances are good that a third-party you conduct business with can present a vulnerability if they are not following the same cybersecurity standards as you.
- Backup your data regularly and test your data recovery plan often. Simulated brute force, phishing, and attack scenarios can keep your teams on their toes and continuously aware of security.
- Understand your liability, the data protection requirements, and necessary compliance regulations in your jurisdiction.
About Encompass Solutions
Encompass Solutions, Inc. is an ERP consulting firm and Epicor Platinum Partner that offers professional services in business consulting, project management, and software implementation. Whether undertaking full-scale implementation, integration, and renovation of existing systems or addressing the emerging challenges in corporate and operational growth, Encompass provides a specialized approach to every client’s needs. As experts in identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of Industry.