As Russian military attacks in Ukraine escalate, the United States is preparing for a different type of invasion closer to home.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has ramped up surveillance of ransomware targeting businesses. Jen Easterly, who heads CISA, says the nation should prepare for “a surge in ransomware.”
“It’s incredibly profitable for hackers, so much so that ransomware attacks have doubled in each of the last two years and will account for 22% of all cyberattacks in 2021,” said Joel Burleson-Davis, SecureLink’s chief technical officer.
Small businesses are most vulnerable to the coming wave of ransomware attacks. Cybersecurity experts urge them to take immediate self-defense measures.
“Most small businesses are the perfect target for ransomware hackers,” said Corey White, CEO of security firm Cyvatar.
They have fewer resources and manpower to prepare for, defend against, and recover from attacks, sometimes with devastating results.
“Unfortunately, small businesses are more often targeted because they are more vulnerable and still have access to the same critical data or systems that cybercriminals are looking for,” said Eman El-Sheikh, associate vice president of the University of West Florida Center for Cybersecurity.
The risk of ransomware attacks has only increased with Russia’s invasion of Ukraine, said Aimei Wei, Stellar Cyber’s founder and chief technology officer.
“Immediately after the outbreak of the conflict, suspected Russian-origin cyberattacks were observed with an increase of over 800% over a 48-hour period,” she said.
Ransomware and other cyberattacks are commonly used in conventional and cold warfare to gain leverage, and not always for financial reasons, said Saumitra Das, chief technology officer at security firm Blue Hexagon. Cyberattacks can weaken national security by crippling businesses and supply chains.
Sanctions to Accelerate Cyber and Ransomware Attacks
As the US and its allies tighten global sanctions, attacks are likely to accelerate, said Lucas Budman, CEO of security firm TruU.
“As the Russian economy is hit hard by global sanctions, it will put immense pressure on Russia-based organized cybercrime rings,” he said. “These cybercriminals use ransomware as their currency of choice.”
In ransomware attacks, hackers lock down computer networks and demand payment to restore access. Some target large corporations for lucrative paydays; others use a “spray and pray” approach to blackmail as many victims as possible.
“These indiscriminate gangs make their money off the volume of infected systems rather than the size of a single victim,” said Chris Hallenbeck, chief information security officer at security firm Tanium.
Last year, hackers broke into a software company’s system through a software vulnerability. The attack on Kaseya, which sells software to help other companies manage their computer networks, was believed to be the work of a Russian-speaking ransomware syndicate and quickly spread to hundreds of small businesses.
Secretary of Homeland Security Alejandro Mayorkas estimated last year that half to three quarters of ransomware victims are small businesses.
Paul Martini, CEO of cybersecurity company iboss, calls it “a ticking time bomb.”
Small businesses at high risk
However, the vast majority of small business owners don’t think they will be victims.
“Most worry about the day-to-day aspects of doing business. Cyber attacks often escape their attention,” said Hallenbeck. “When they hear about it, they often hear about big companies paying substantial ransoms. It’s tempting to think your business is too small.”
As a result, small businesses often don’t know which of their systems are exposed to the Internet, Corey said.
They don’t keep their software up to date or patch security flaws. They don’t understand the vulnerabilities of third-party payroll software and other systems they rely on. They don’t back up files. And they don’t use multi-factor authentication, which provides an extra layer of security by requiring users logging into corporate systems to enter a code that’s sent to their phones as a text message, email, or push notification.
The price of negligence in cybersecurity can be high. A few years ago, a five-person company was attacked. The ransom, Corey said, was $50,000.
“I suspected they were hacked in first, and after the forensic investigation was completed, it turned out that they had been hacked several weeks earlier on an unpatched system with weak passwords. They had stolen financial data and threatened to reveal it if not paid,” he said. “That’s typical of what we’re seeing today.”
The good news for small businesses: There are simple, practical steps they can take right now to prevent ransomware attacks that don’t require big budgets, more technology, or hiring staff, said Karen Evans, chief executive officer of the Cyber Readiness Institute.
Back up your files
Back up your system regularly so that you can restore it if it gets infected with ransomware. Store backups on a separate device that cannot be accessed over a network.
“Should a ransomware attack occur and data become encrypted, you can recover systems after the breach if a backup is offline,” said Andrew Rubin, Illumio CEO.
It is also important for small businesses to regularly test their backups. “Some companies may make the fatal mistake of waiting until a ransomware or cyberattack happens to realize their backups weren’t complete or that they can’t restore them,” El-Sheikh said.
Use multifactor authentication
A Microsoft study estimates that more than 99% of all cyber attacks would have been prevented by multifactor authentication.
Update and patch software
Make sure all operating systems, software and apps are running the latest versions.
Use antivirus software
Install antivirus and antimalware software, use firewalls and other tools, and keep them up to date.
Treat emails with care
Be careful when clicking links in emails, even if the sender appears to be someone you know. If you are unsure, contact the sender directly.
Malicious website addresses are often very similar to legitimate ones, but with slight spelling differences or a different domain, e.g., .net instead of .com.
Be careful when opening email attachments, especially if they are compressed or ZIP files.
“Always visit a website directly and don’t trust links in email or text messages,” says Mark Ostrowski, technical director at Check Point Software.
Treat employees as your first line of defense
“People can be your greatest asset. Train and train all of your employees to recognize phishing and social engineering, and turn potential victim employees into an extension of your security team,” said Tessa Mishoe, Senior Threat Analyst at LogicHub.
El-Sheikh recommends providing cybersecurity training to all employees. “A ransomware attack can start with a person accidentally clicking a link, so every team member needs to be cyber-aware and accountable,” she said.
Phishing attacks are the most popular entry point for cybercriminals, Evans said. She recommends running regular tests to ensure employees can spot a phishing email.
Protect passwords, credentials
“Compromised or stolen passwords and other credentials are often used by attackers to access a network. So make sure you enforce good password hygiene and regularly change credentials for employees who have access to privileged or valuable information,” recommends Mishoe.
According to Evans, small businesses should ensure employees use strong passwords or passphrases of at least 15 characters.
Take advantage of free resources
CISA has free Ransomware Guides including step-by-step instructions on how to prevent an attack.