Posted: Thursday, 26 May 2022 @ 15:15
Every 11 seconds an organisation falls victim to a ransomware attack. Ransomware has more than doubled year-over-year, and attackers are targeting organizations of all sizes as has been well publicised in 2021 — no-one is immune. They are increasingly employing more sophisticated attacks and defeating existing defenses
What is Ransomware?
Attacks often start with a malicious phishing email intended to trick the recipient into disclosing login credentials. Attackers may also purchase stolen credentials on the dark web.
Using stolen credentials or other means, attackers hit your website and applications to access your business data.
With access to your data, the attackers encrypt your data so that you can’t access it. They then demand a ransom payment to unencrypt it and avoid exposing that data. Once ransomware infects your network it will typically locate all other computers and servers and spread quickly through your entire business. Your email, OneDrive, Dropbox etc can be completely disabled.
Protect your systems - stop infections
In order to prevent ransomware from damaging your business, business insurance companies are now starting to ask specific questions and require your business to be setup for strong and best practice security.
- 2FA/MFA authentication for key systems - if a hacker has your email address and password from a hack on a different website (very common and people use the same password often) then they can simply use this to get into many of your systems. 2 factor authentication (2FA) or multi-factor authentication (MFA) typically use an app which generates a new 6-8 digit code each minute, linked to your account which you must use in combination with your password to get into an account - email or website. This is good practice and something that is frequently neglected in Office365.
- AI driven spam/virus filtering - email is the most common source of an infection. They are increasingly realistic and sophisticated, encouraging a link to be clicked or an attachment opened. Once this is done and it is very easy to be fooled, the infection is likely already on your system. Office365 is the widest used email system in the world but it does not provide AI (Artificial Intelligence) based spam filtering as a standard - this is Microsoft ATP and is for higher packages (E3 or E5) only. Deploy a first-line spam and virus filtering system to protect your email from being a source of exposure.
- Strong anti-virus and anti-malware protection - hackers and security developers are in an eternal game of cat an mouse. Once one security hole is closed, another is exposed or a bug exploited - there is always someone cleverer around to find a way to deploy a malicious cyber attack on your business. If your best efforts to protect your logins and email have failed, modern anti-virus and malware protection (we recommend Malwarebytes and Bitdefender) can stop malware from executing on your computers and servers even if they have become infected - they are constantly updating, have sophisticated detection capabilities and block suspicious activity on your machines.
Remediate a breach - recover your business
It is quite widely accepted that it is almost impossible to completely protect against a ransomware infection, common ways that infections infiltrate systems are from software bugs which can be exposed at any time. Microsoft who power the majority of computer operating systems and millions of servers worldwide have had software bugs which have allowed hackers to get into systems more than 10 years after key code was written - it is out of most people's control.
They most important thing to ensure that your business survives a ransomware attack is your ability to recover from it as in many cases you simply have to wipe/delete the systems with an infection and start from scratch. If your data is not backed up then you lose everything - could your business survive that?
Office365, On-premise Exchange Servers - your email is the life-blood of your business so if you lost all your history could you continue to run your business?
Protect Email, Protect Data and Protect Systems in the Cloud
Zarr provide the email, application/access, and backup protection solutions required to keep your business secure.
From education, best practice and also experience we can offer a wide variety of cost effective backup solutions which can backup your Office365 data (yes you can lose it!), Sharepoint, Teams, on-site servers, OneDrive and other systems. These are securely done in the cloud i.e. offsite from your business and primary data and can be done multiple times per day.
Contact our security team for more information, costs and advice.