Jeff Stutzman is the Chief Executive Officer of Trusted Internet LLC.
Imagine arriving at your office to find your computer screens frozen, replaced by a menacing message: “Your files are encrypted. Pay $100,000 in Bitcoin within 72 hours or lose everything.”
Or worse, an attacker claims to have downloaded your data and threatens to publish it openly if you don’t pay. This is the stark reality of a ransomware attack. Critical data, which can include customer information, financial records and operational blueprints, becomes inaccessible and is held captive by invisible encryption chains.
From my experience in cybersecurity, I see two main threats to other business leaders: Cybersecurity Maturity Model Certification (CMMC) compliance and ransomware. The first is becoming relevant with a new law requiring all defense contractors working with the U.S. Department of Defense to be CMMC compliant (and, in many cases, audited).
While I will go into both, I plan on focusing on ransomware for this article.
CMMC Compliance And Ransomware Preparedness
Every U.S. Department of Defense contractor CEO’s head is spinning right now, preparing their companies for required CMMC rules that are about to become law. But beyond compliance, CMMC offers a minimum baseline that contractors can prove.
However, the most insidious threat to every company is, has been and will remain ransomware: malicious software that holds data hostage, crippling operations and demanding hefty ransoms for its release. No business, large or small, is immune to its grasp, and in many cases, ransomware has become an extinction event for those unprepared.
Reputational damage can linger long after the ransom is paid and operations resume, impacting stock prices and future business prospects. The NotPetya ransomware attack in 2017, for example, inflicted an estimated $10 billion in damages globally, affecting companies of every size.
The Rising Threat: Double Extortion Ransomware
Today’s threats are even worse. Double extortion ransomware attacks are a rising threat. Attackers not only encrypt your data, locking you out, but also steal a copy. They then threaten to leak this sensitive information, adding immense pressure to pay the ransom.
This tactic severely impacts a company’s reputation, potentially leading to legal issues and customer distrust. Strong defenses, proactive security measures and incident response planning are crucial to combat this evolving threat.
How Ransomware Finds Its Way In
A recent report published by Corvus Insurance shows a surge in attackers leveraging VPNs for initial access, contributing to 28.7% of ransomware claims.
Many incidents were traced to outdated software or VPN gateways with default or weakly protected accounts. Common usernames like “admin” or “user” and a lack of multifactor authentication (MFA) make these accounts vulnerable to automated brute-force attacks.
How else do ransomware attackers get into your systems? Here are some of the most common entry points to look out for:
• Phishing emails.
• Vulnerable software.
• Weak passwords.
• Exploiting publicly exposed remote desktops via remote desktop protocol (RDP).
Protecting your company, regardless of its size, requires a multi-layered approach that combines technology, employee awareness and proactive measures.
Ways To Strengthen Your Defenses
• Invest in robust cybersecurity solutions. Firewalls, intrusion detection systems, anti-malware software and email filtering are essential tools in your arsenal.
• You also want to patch regularly. Keep your software and operating systems up-to-date to close security loopholes.
• Next, enforce strong password policies. Require complex passwords, regular changes and multifactor authentication.
• Lastly, secure remote access. Implement secure VPNs and limit RDP access to authorized personnel only.
Along with these guidelines, here are some other strategies and mindsets to help strengthen your operations against ransomware:
Empower Your Employees
• Conduct regular security awareness training. Educate employees about phishing scams, social engineering tactics and safe browsing habits.
• Establish clear security protocols. Develop and enforce policies for data handling, password management and software usage.
• Promote a culture of cybersecurity. Encourage employees to report suspicious activity and prioritize security in their daily tasks.
Plan For The Worst
• Back up your data regularly. Maintain offline backups of critical data to ensure recoverability in case of an attack.
• Develop an incident response plan. Establish clear procedures for identifying, containing and recovering from a ransomware attack.
• Consider cyber insurance. A comprehensive cyber insurance policy can help you mitigate financial losses.
In today’s interconnected world, I see cybersecurity as no longer an optional add-on but a critical business imperative. If this list seems daunting, you can consider shared security services, including outsourcing to a managed security service provider whose only job is to protect your company.