Small businesses are at a greater risk for ransomware attacks than large corporations.  How would you respond to a ransomware attack?  What would it mean if your network became encrypted and inaccessible? 

What Happens in a Ransomware Attack

Imagine a user in your office makes an errant click on an email, which unleashes a Crypto-type ransomware attack.  Within seconds, it begins to encrypt all your data.  As the ransomware works its way through your network, it’s encrypting email, sales records, billing, calendars, employee information, spreadsheets, and on and on. 

The user is now panicked, and that fear spreads through your office.  The immediate effect is that people have stopped working.  You’ll probably unplug the impacted machine from the wall to try and limit damage.

Depending on how much time has passed, your entire network may be down. 

How You Respond to a Ransomware Attack

If you have cyber liability insurance, your first call will likely be to your insurance agent.  Their response will depend on the type of policy you have.  They will advise you regarding next steps. 

If you have a reliable backup, the best option may to be to restore from the most recent backup.  In the best case, you may lose a couple hours of work.  In the worst case, you may lose several days of work.  Either way, you will avoid paying a ransom.  Your IT support will get to work right away.

If you don’t have cyber liability insurance or a reliable backup, you’ll decide whether or not to pay the ransom.  You'll base your decision on how much data is encrypted, and maybe the amount of the ransom itself.  You'll probably seek legal advice and other professional opinions. 

Opinions vary on whether or not you should pay the ransom. Ransom is usually requested in bitcoin, a digital currency, so you would need find bitcoin from an online source.  Either way, you’ll be spending money and time to make the right decision.

In the meantime, you’ll need to communicate with your staff so they will know how to take care of your customers and the day-to-day running of the business as best they can. 

You may also need to contact authorities.  This will depend on the type of data that’s been breached, such as personal health information or personally identifiable information (names, addresses, etc.) even if you recover the data.

Reduce the Risk of a Ransomware Attack

As an overview, here’s how you can reduce the risk of a ransomware attack to your business:

  • Don’t think your business is safe from a ransomware attack. EVERY business has information that can be valuable to a cybercriminal.  Take the necessary steps to secure your network, including anti-virus, anti-malware, and updating patches (at a minimum).
  • Maintain an updated network backup. Regularly test the backup to make sure it restores properly. 
  • Educate your team to “click safely”. Avoid clicking on unknown attachments, strange links, or unsafe websites.

If you’re considering outsourcing your business IT, contact CRU Solutions