The statistics surrounding ransomware, the most prominent malware threat in 2021, are alarming. Approximately 37% of organizations were affected by ransomware in the last year (Sophos, 2021) and the average ransom fee requested has increased from $5,000 in 2018 to around $200,000 in 2020 (National Security Institute, 2021).
Businesses of every type and size need to take this threat seriously and ensure that the proper defenses are in place. Today, it’s no longer a matter of if — it’s when. While there’s no guaranteed method of preventing every attack, there are a number of best practices that can help minimize risk.
1. Stay on top of updates.
One of the easiest ways to minimize vulnerabilities is to ensure that all of your software is up-to-date. For websites, this means that you should regularly be updating WordPress, themes, and all plugins to the latest version. If you see a red circle with a number when you login, you have work to do!
You should also ensure that your personal computers, mobile devices, business software, and network equipment are all updated regularly. Updates contain security patches to known vulnerabilities that can be exploited by malicious parties.
If you are unsure of how to update or would like help, reach out to us for one-time assistance or a website maintenance plan!
2. Craft A proper Backup Plan.
Your website is likely one of your largest investments. It’s also one of the most vulnerable. When malware infects your website, the intruder has the ability to hit you where it hurts the most. In a worst case scenario, they can access sensitive customer information or threaten to take business-crippling action in lieu of a ransom payment.
In the event of a malware infection, a proper backup plan can allow you to roll-back to “known good” version and patch the vulnerability — stopping the intruder in their tracks. It can also help you detect malware quickly.
For example, with our Codeguard product your website will complete a daily offsite backup and malware scan. Daily snapshots can be kept indefinitely, allowing you to instantly rollback to an uninfected version. Plans start at $2.99/month. Click here to view plans or contact us today to find out more.
3. Protect Your E-mail.
The most common tactics hackers use to carry out ransomware attacks are email phishing campaigns, RDP vulnerabilities, and software vulnerabilities (Cybersecurity & Infrastructure Security Agency, 2021). Attackers use these vulnerabilities to gain access to sensitive data and inject software that allows ongoing and further access.
We highly recommend that all businesses use a professional e-mail solution, such as Google Workspace, and do not use e-mail services included with hosting accounts (even our own!). Proper e-mail server management takes serious know-how.
However, if you do currently use e-mail included with your web host or another smaller provider we recommend that you subscribe to incoming e-mail filtering, outgoing e-mail filtering, and e-mail archival services. These services will help prevent infected messages from being received or sent from your domain.
If you’d like to migrate to Google Workspace services but don’t know where to start or how to manage this for your domain, contact us and we’d be happy to help!
4. Use a VPN to secure your communications.
It’s 2021. We’re all working from anywhere but a secured office network. Plus, 65% of employers allow their employees to access company applications from unmanaged, personal devices (Bitglass, 2020). Be smart and protect your business’s critical data.
It’s highly recommended that you engage an MDM (mobile device management) solution to enforce security measures with your employees on all of their devices. It’s also recommended that all data (personal or business) is conducted through a secure VPN. A VPN, or virtual private network, creates a secure tunnel for your data to travel throughout the internet.
We offer easy to use VPN services that protects your data with 256-bit AES encryption. Plans start at $9.99/month.
To Sum it up.
These are just a few of the many ways that you can secure your business data and minimize the risk of malware/ransomware attacks. Failing to put the proper protections in place can leave you vulnerable and even liable if sensitive customer data falls into the wrong hands. Be smart. Protect your data and your customers and don’t forget a good insurance plan incase things don’t pan out. If you need help with any of the solutions mentioned above, please contact Florida Web Architects today.