Ransomware: How much would an attack damage your business?

30 Jul 2021, by Slade Baylis

With any online business the security of stored client data is of utmost importance, both due to the sensitivity of the data and also due to the impact to your business should that data be compromised.

Over the last few years there has been a massive increase in the amount of Ransomware attacks, targeting not only larger corporates, but even smaller companies that often don’t expect to be the targets of such malicious activity.

The goal of a Ransomware attack for the malicious actor is simple, either get you to pay them to recover your data or sell if for profit (or sometimes both, as there is little honour among thieves). 

The way that usually plays out is as follows:

• A vulnerability is found in your business IT infrastructure by malicious third-parties
• They exploit that vulnerability to get into your systems and get access to sensitive data
• They encrypt all that information and files critical to your businesses operations and prevent you from accessing it
• They then threaten you both with negative press and the loss of the data unless you pay them a fee, at which point they will give you access back to your system

At that point you are either pay the fee and hope that they give you access to your files. Extortion amounts can range from a few thousand dollars to tens of thousands of dollars depending on the size of your operation and the data they have encrypted. The criminals will create time pressure by giving you very little time to pay them before threatening to delete the encryption key (and thereby all your data forever).

Generally, payments are made through bitcoin, a cryptocurrency that is hard to trace back to the owner. This forces companies to set up bitcoin accounts and shift money from their bank. This generally raises the bank’s suspicion creating more pressure as the bank drills into the request further. Don’t bother asking the local police or AFP as they are powerless to help you recover your data or even track this perpetrators down.

With both options you are faced with the uncomfortable reality of having to inform your clients, taking that damage to your businesses reputation, and of the possibility of that data being sold to third parties.

Some businesses have struggled to come back at all from such damage to their reputation, with their biggest/key customers being unable to trust in the integrity of their services moving forward and choosing other providers for their services

How to prevent ransomware attacks

So with that danger being a reality, comes the question of what can be done to mitigate that risk and prevent any sort of intrusion into your IT infrastructure

Backups

When targeted by a ransomware attack, two of the biggest problems faced are:

• The loss of critical business or client information
• Having computers and/or servers that are critical to your businesses operation offline

One of the most effective ways to protect yourself from both of these issues is to make sure you have a frequent and robust backup system in place.

With such a backup system in place you can both rest assured that you still have a copy of your data in the event of a breach, and also that you can get your systems back up and running without needing to pay-off the extortionist and rely on their good nature to get your infrastructure back online.

An important thing to note is that a backup system that is both stored separately from your own systems and stored securely is much more reliable in these circumstances, as it’s less likely to be affected should your systems get compromised.

This is why we recommend to our customers that they look at using our Veeam or Acronis backup platforms, as they are:

• Stored in an off-site location
• Separate from their own infrastructure and managed by Micron21
• Encrypted both in transit and in storage
• Transmitted over Micron21 Dark Fibre

With both systems able to keep frequent backups of your systems securely, our customers can rest assured that their data is always safe and they will always be able to restore them in an emergency.

Cyber-risk Insurance

Whilst the threat to your systems and data is obviously one that you need to protect yourself against, another key threat is the financial impact of:

• Claims against you for privacy breaches and/or loss of data
• Business interruption due to a cyber-attack
• Damage to your IT systems or data
• Damage to your brand and personal reputation
• Fines and penalties incurred due to a cyber-attack

That’s why we recommend that our customer make sure they have some form of Cyber-risk Insurance, especially if they store private information for employees and customers.

Cyber-attacks can result in fines, extortion demands, legal action, and more, all of which can cost your business upwards of thousands of dollars; so it’s not just the technical side that businesses need to protect themselves from.

With Cyber-risk Insurance a business can protect themselves from at least some of the costs associated with those sorts of cyber-incidents.

Vulnerability Scanning

It’s a truism that any IT system will be vulnerable to exploitation at some point (at least until it’s patched). 

Whether it’s because of a new vulnerability that is found in an older and un-updated piece of software, or a new bug that is introduced with a update from the software vendor themselves, it’s important to make sure that you are the one to find any possible vulnerabilities before someone else does.

Thankfully with this being such a common requirement there are many different tools available to do that. This is why Micron21 has recently partnered with Qualys who are the leading provider of information security and compliance services and solutions. 

Empowered by systems provided by Qualys, we are now able to offer continuous and automatic infrastructure scanning and patching service. 

With this service our customers can:

• Be aware of any threats of misconfiguration issues that exist within their IT infrastructure
• Fix those issues before they can be exploited by malicious actors
• Make sure their IT systems meet regulatory or legal requirements around the security of sensitive information stored within their systems

If you are interested in our vulnerability scanning and patching service, you can find more information on that at the link below:

https://www.micron21.com/vulnerability-scanning

Alternatively, you can reach out to our Sales Team via phone on 1300 769 972 (Option #1) or via email at sales@micron21.com 

We’ll be able to discuss that with you and make sure that the solution meets your individual business requirements.