Imagine this scenario:
Just as the holiday shopping season approaches, a toy company is navigating a nightmare situation: Its database files have been infected by malware.
Online criminals encrypted company files, making them unusable, and demanded a hefty ransom to unlock the data. The company faces the reality of thousands of dollars of lost sales during its busiest weeks of the year.
This is RansomWare.
The threat to our businesses is growing. Sixty percent of all online attacks in 2014 targeted small and midsize businesses, according to Travelers.
Why? Smaller companies are easier to hack. Typically, small to medium size businesses lack the resources to set up protective barriers.
Ransomware holds data hostage in return for money. Data is slowly encrypted by criminals until the entire system is locked up. The process of can take more than a month for criminals to complete. Sometimes, you never get your data back.
Hackers gain entry when employees click on malicious links in emails or download infected material. Unlike the theft of credit card data which requires sale of the stolen data to a middleman, ransomware is high volume and requires no middleman.
Given the increase in such attacks, being unprepared is like playing security roulette. If you’re not deploying enterprise-grade security, your business is at risk. Quality technology security is essential. The worst thing a company can do is use freeware or home office software when protection for email, websites, systems mandates business-class methods, practices and software.
Responza recommends a security audit as a first step. The audit should take note of potential areas of risk, like customer data or employee access. “How secure — or not — is your system?”
Strengthening security can be inexpensive and simple — something small businesses can do in part on their own. It can include updating antivirus software, adding firewalls and strengthening passwords. Or it can mean putting data in the cloud rather than on company servers, which may be more vulnerable.
Employee training is important. Since most hacking episodes occur when employees click on malicious links or websites, education is the best defense.
Online security tutorials are helpful and free. They can be found on government sites like that of the Small Business Administration, which also has webinars, and the site of the Defense Security Service, part of the Defense Department.
Fighting the good fight against online criminals should now be part of any company’s IT strategy. Once data is compromised, the ball is rolling in terms of cost. Banks generally are not obligated to repay money taken from an account. Legal bills aimed at recouping that money can quickly pile up. Do what you can to protect your business.
Contact Responza today to set up a FREE Information Technology Audit.