As seen in BCBusiness.
Are you prepared for a malicious attack? "It's not a question of if anymore, it's a question of when," says John Robertson of Fully Managed.
At 5 p.m. on a recent Wednesday, John Robertson got a call. It wasn't from one of his clients, but from the IT manager at a mid-sized Vancouver wholesaler, and he was in a panic. "They were seeing the infamous ransomware 'screen of death,'" says Robertson, director of business development at Fully Managed. "It said, 'Your data has been locked. The only way to get it back is to pay.'"
Global ransomware payments quadrupled last year, creating a billion-dollar criminal industry. Barry Semple, director of advanced solutions at Fully Managed, saw a tenfold increase in attacks in the first two months of this year alone—in most cases, halting operations; in some cases, stopping operations entirely. Ransoms have increased, too—often, it's 10 bitcoins, worth more than $11,000. And in Canada, where nearly 75 percent of ransomed companies end up paying, there is no guarantee the criminals won't hit them again.
In the case of the Vancouver wholesaler, it was likely an email click that launched the attack by Spora, a cryptographic virus that was first discovered just a few weeks before. "The virus was released in their environment and began encrypting critical documents," says Semple. The company was using an internal, legacy backup system that had not been run for a week, so it was imperative to act quickly. Within an hour, Fully Managed had staff on site, backing up files and installing advanced endpoint threat protection on all servers and workstations. This swift action immediately stopped the spread, and Semple's team was able to recover pre-infection copies of almost all encrypted files.
"They didn't have to pay," says John Robertson, who adds that the company is now a client of Fully Managed and properly protected against future attacks. "Criminals are constantly working on ways to get past security technology. By bringing our 150 clients with 10,000 endpoints together, we are able to provide enterprise-grade solutions to small- and medium-sized businesses that include intelligent endpoint threat protection, a managed firewall, and backup systems with ransomware protection."
The final and most important layer of protection, says Robertson, is knowledge. He offers five key tips for preventing ransomware attacks:
1. Educate everyone, from intern to C-level
"It's not a question of if anymore, it's a question of when. Once you recognize that, you can get the appropriate protections in place," says Robertson.
2. Partner with an organization who can make sure your is network is safe
An expert eye can look at your practices and see the insecurities—whether it's overly broad domain admin access or an improperly configured firewall.
3. Monitor your network
When a single click can infect a system, businesses need to know what's coming in and out on the Internet. "It's not about Big Brother, it's about basic security and understanding the vulnerabilities," says Robertson.
4. Use top-notch endpoint threat protection
When you face the same threats as multinationals, "you need the same protection," says Robertson. "Whether you're a five-person shop or 500, the right Managed Services Provider can protect you."
5. Have an automated and protected backup system
"It's about business survival," says Robertson. "In a worst case scenario, you know your data is going to be fine."
And if the worst happens and you are attacked, Robertson recommends to act fast. "Pick up the phone and call someone who knows how to deal with it," he says. "Getting hit by ransomware is a disaster that gets worse by the minute. And if you can't recover from it, you are in a lot of trouble."
To learn more about cybersecurity, click here.
Read the original article here.