The U.S. Federal Trade Commission (FTC) has published two-step guidance for small and medium-sized businesses on protecting their networks from ransomware, covering both the social-engineering and the technical exploitation routes attackers use to get in.
Step 1: Make an encrypted backup
The first step a company should take is to set up offline, off-site, encrypted backups of its business-critical information.
This is not a task to defer to a quiet week or to off-hours: backups should be created on a schedule, kept disconnected from the production network (a backup the attacker can reach is a backup the attacker can encrypt or delete), and confirmed with a test restore before they are ever needed.
IT teams should also follow the latest advice from CISA and other authoritative sources.
Step 2: Train your employees, starting with counter-social engineering
The second step is to train staff to recognize the tricks ransomware operators use to break into a target's network, such as phishing messages carrying malware that installs a backdoor on the infected system.
Attackers also push malware onto victims' devices through malicious online advertisements (malvertising) and through attacker-controlled or compromised websites that exploit browser vulnerabilities.
For this reason, employees should avoid potentially dangerous sites and, wherever possible, stick to websites the company's IT staff have reviewed.
In addition, teach employees why reusing the same password across different platforms is a mistake, and consider the many benefits of multi-factor authentication.
What to do if you get a ransomware attack
In the event of a ransomware attack, minimize the damage by isolating infected devices from the rest of the network, report the attack to the authorities (such as the local FBI office), and notify your customers if their data was stolen before the systems were encrypted.
The FTC also provides a detailed guide with all the steps a company should take to effectively respond to a ransomware attack.
The guide also includes a template for notifying affected individuals whose names and Social Security numbers were stolen in a ransomware attack.
The FTC also outlined common-sense steps to help mitigate the risk from ransomware attacks in a guide released last year:
- Patch your network and keep all software up to date
- Back up your systems regularly and keep those backups separate from your network. Using separate credentials for backups helps keep them safe if your network is compromised.
- Practice good cyber hygiene. For example, knowing which devices are connected to the network can help you understand your exposure to malware. Also, implement technical measures to mitigate risk, such as endpoint security, email authentication, and intrusion prevention software.
- Establish an incident response plan and business continuity plan. Test them in advance in case of an attack.
- Educate your employees on how to recognize phishing attacks and other social engineering.
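The backup advice above (Step 1 and the "keep backups separate" item) is only useful if the backup can actually be restored and has not been tampered with. The following Python script is an added example, not FTC code, of a small backup routine that records a keyed integrity manifest and then performs a test restore that checks every file. The manifest key is assumed to be held by the backup operator off the backed-up host (standing in for the "separate credentials" point); file names, paths and sample contents are constructed for illustration, and the example adds the test-restore and tamper checks that the FTC list only mentions as a goal.

```python
"""Added example (not FTC code): archive a directory, sign a file manifest with
a key held off the host, and run a test restore that verifies every file."""
import hashlib
import hmac
import json
import os
import tarfile
import tempfile

# Assumption: this key is held by the backup operator, NOT stored on the backed-up
# host, so a compromised host cannot forge a manifest that passes verification.
MANIFEST_KEY = b"replace-with-a-random-key-held-offline"


def sha256_file(path):
    """SHA-256 of a file, read in chunks so large files do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def create_backup(src_dir, archive_path, key=MANIFEST_KEY):
    """Tar src_dir into archive_path and return an HMAC-signed manifest."""
    files = {}
    with tarfile.open(archive_path, "w:gz") as tar:
        for root, _, names in os.walk(src_dir):
            for name in sorted(names):
                full = os.path.join(root, name)
                rel = os.path.relpath(full, src_dir)
                files[rel] = sha256_file(full)
                tar.add(full, arcname=rel)
    body = json.dumps(files, sort_keys=True).encode()
    return {"files": files, "hmac": hmac.new(key, body, hashlib.sha256).hexdigest()}


def verify_restore(archive_path, manifest, key=MANIFEST_KEY):
    """Test restore: extract into a scratch directory and compare each file to
    the manifest. Returns (ok, list_of_problems)."""
    body = json.dumps(manifest["files"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["hmac"]):
        return False, ["manifest HMAC mismatch (manifest tampered or wrong key)"]
    problems = []
    # Newer Python versions support a safe extraction filter; use it when present.
    extract_opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(archive_path, "r:gz") as tar:
            tar.extractall(scratch, **extract_opts)
        for rel, digest in manifest["files"].items():
            restored = os.path.join(scratch, rel)
            if not os.path.exists(restored):
                problems.append(f"missing: {rel}")
            elif sha256_file(restored) != digest:
                problems.append(f"corrupt: {rel}")
    return (not problems), problems


def demo():
    """Constructed data: two small files, a clean verify, a forged manifest, and
    a stale manifest checked against an archive whose contents changed."""
    with tempfile.TemporaryDirectory() as work:
        src = os.path.join(work, "data")
        os.makedirs(os.path.join(src, "ledger"))
        with open(os.path.join(src, "ledger", "q3.csv"), "w") as f:
            f.write("invoice,amount\n1001,250.00\n")
        with open(os.path.join(src, "notes.txt"), "w") as f:
            f.write("constructed sample file\n")

        archive = os.path.join(work, "backup.tar.gz")
        manifest = create_backup(src, archive)
        clean_ok, _ = verify_restore(archive, manifest)

        # An attacker without the offline key cannot produce a valid manifest.
        forged = {"files": dict(manifest["files"]), "hmac": manifest["hmac"]}
        forged["files"]["notes.txt"] = "0" * 64
        forged_ok, forged_problems = verify_restore(archive, forged)

        # The per-file check catches an archive whose contents no longer match.
        with open(os.path.join(src, "notes.txt"), "w") as f:
            f.write("modified after the manifest was signed\n")
        stale_archive = os.path.join(work, "backup-later.tar.gz")
        create_backup(src, stale_archive)
        stale_ok, stale_problems = verify_restore(stale_archive, manifest)

        return {"file_count": len(manifest["files"]), "clean_ok": clean_ok,
                "forged_ok": forged_ok, "forged_problems": forged_problems,
                "stale_ok": stale_ok, "stale_problems": stale_problems}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The integrity check does not replace encryption of the backup media (the FTC asks for encrypted backups), but it is the part that is usually skipped: a backup nobody has restored from is a hope, not a control. Run the test restore on a schedule and treat any HMAC mismatch as an incident in its own right, since it means either the manifest or the key has been touched.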
Last month, the Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) revealed the scale of the financial losses suffered by ransomware targets, linking some $5.2 billion in Bitcoin transactions to ransomware payments.