A Rural And Small Business’s Guide to Ransomware
Oh no! You arrive at work this morning after the daily commute, luckily there’s not too much traffic out here. You make the final turn towards the office, sighing contently as you park your car and make your way inside. “Today’s going to be a good day”, you think to yourself as you assertively readjust your tie. Once inside, you notice that there is something noticeably different about your computer. You try to open your documents, but they have a weird extension on the end and when you open them, they want you to pay to access the contents! Everyone else in the office is having the same issue as you, and the file is saying that it can only be accessed if a certain amount of money is sent to a Bitcoin address! What should you do?!
A lot of not only rural companies, but people, can fall victim to one of these cyberattacks. This attack in particular is called a “ransomware” attack. These are the most common types of attacks that small companies receive and they can be devastating. However, they can be stopped! In this blog post, I will tell you
1. What ransomware is
2. How it affects REAL businesses
3. WHY you should care
4. What you can do to prevent these attacks!
What is ransomware?
Put simply, ransomware is the name of a type of cyber-attack that prevents you from accessing ANY of your company data that the attacker was able to access. It does this by using a technique known as “encryption”, which basically means it makes the contents of the files look like complete gibberish when opened. This is achieved with a key (like a password), which can be used to scramble and de-scramble your company data. The attackers are the only people who know what this key is and they will only give it to you if you pay a sum of money for it (hence the name ransomware)!
Ok, I know what you’re thinking. “I’m a small business owner with a small number of employees. Why would hackers be interested in my business? There are so many OTHER corporations out there with much more employee information and data for them to sell off to third parties. So, my company is safe. Right?” Well.. not exactly.
See, hackers are smart. They’re not your average criminal that walks into a bank wearing a ski mask with a gun, asking for money. They know how people work and they will do ANYTHING in their power to, first off, find loopholes in any system (whether that be a human system, computer system etc.), and secondly, NOT GET CAUGHT. Hackers can even get past antiviruses and they know that small businesses are less likely to have solid security posture and are more likely to pay the ransom, which puts these types of businesses in a vulnerable position! Think about your own business, how long could you function without access to your companies’ data?
It is best to take cybersecurity seriously and proactively implement solid security posture, no matter how big or small your company is! You can read up on the basics of how to do that here: https://cdsec.co.uk/security-posture
Why you should care (Case Studies)
“Ok, that makes sense, but you still haven’t explained why I should care yet. My company doesn’t have much IT infrastructure and if it gets hit with a ransomware attack, what actually happens?”
You can see a real-life example of this happening at the University of the Highlands and Islands this year:
In the article, it says that “the cyber-attack had affected the university’s key systems and services at all campuses.” Most of the Universities systems have been offline since the start of the attack and the majority of classes are not running. Our local chain of universities is currently being held to ransom by attackers. This is some really serious stuff and it puts YOUR personal data as well as your employees’ data at risk! The damages caused by cyber-attacks can also cost you a LOT of money. According to IBM Security, the global average total cost of a data breach in 2020 is $3.86 Million US Dollars! That’s £2.7 Million Pounds! Thankfully, the University has access to the resources to resolve the attack without having to pay the ransom. They will have backups in place that can be restored and replace the encrypted files with the originals. But it’s not as simple as doing that, they first need to eliminate the threat and ensure the systems are clean before restoring the data, Otherwise the ransomware will continue to encrypt the restored data.
Another very recent example of a Public Body that fell victim to of cyber-attacks is this article published by SEPA: https://www.sepa.org.uk/about-us/cyber-attack
A very similar example to UHI, where a ransomware attack took hold and disabled the computer systems for a prolonged period of time. SEPA is another organization that has access to vast resources and direct help from the National Cyber Security Centre and yet it still took weeks to fully restore and recover from the attack.
We can see from both of these examples, that even with the money and manpower available to these organizations, it is a long process to recover from a ransomware attack. Most small businesses don’t have access to the resources to respond in the way UHI & SEPA have done and yet still don’t make any moves to protect themselves. We’ve seen one too many small and rural businesses have to recreate their entire company data from scratch because they didn’t have the basics in place. Years of work is wiped out in seconds and irrecoverable.
How to protect & recover from a Ransomware attack
Before all of this, the MOST important thing to do is NOT pay the ransom! These hackers want money, but there are other ways of getting around it If you don’t know what to do, then ask someone, whether that be ourselves, another external organization or even an employee. But, do NOT pay the ransom!
With that being said, if your company gets attacked, then it is highly recommended that you follow SEPA’s approach in how they recover from this.
1. Make a plan
2. Consult Cyber Security & IT Professionals
3. Be public and COMMUNICATE about it! Especially to your employees! If this is not addressed and acknowledged to everyone in the company and possibly other authorities if needed, it could result in more internal issues such as trust and more damage to the infrastructure of your company! There’s no shame in seeking help when you need it 🙂
4. Keeping everyone updated. Not only is communication one of the most important things to do in this situation, but CONSISTENT communication is even more important. Make sure everyone works as a team, encourage one another and ALWAYS keep communicating to make sure that everyone knows what they are doing!
By implementing these three basic things, you can be sure that your company as well as your company’s infrastructure and personal files will be recovered from that nasty cyber-attack in no time. Of course, it’s much better to prevent, than respond. There are a number of different things you can do now to prevent this from happening to your business.
1. Consult a Cyber Security Expert to examine your business and its systems
2. Engage with the Governments Cyber Essentials Scheme
3. Review the NCSC guidance on preventing Ransomware
4. Keep regular offsite backups of all vital company information
5. Run antivirus, antimalware and antispam systems
What have we learnt?
So, in conclusion.. we have learnt that:
1. Cyberattackers are not a threat to be reckoned with. They are smart. But if you know what to do, you can keep the integrity of your company and your company’s infrastructure safe.
2. Do NOT pay the ransom! Use online decryption tools or ask someone that you know who knows about how to deal with cyber-attacks!
3. Consistent Communication and working as a team is KEY for disaster recovery. This will allow your company to work at maximum capacity, sharing and distributing the workload instead of you having to do all the work. I bet that takes the stress off!
4. Overall, implement a good security posture and take cybersecurity seriously!
Once you start implementing these strategies into your company, you will not only have piece of mind when an attack does occur, but you will have saved a lot of money because you know exactly what to do!
We can help you along the journey to becoming secure with everything mentioned in this blog. Please do reach out to us for an expert understanding of rural and small businesses and how to implement these safeguards on a small business budget.