Ransomware Trends in 2024 and Steps You Can Take Now
Businesses are still the leading target for ransomware attackers in 2024. Notorious groups with names like Medusa, Akira, and INC Ransom are targeting governments, healthcare providers, and the education industry, but the majority of attacks (over 80%) are still against small businesses. So, it’s understandable if you’re a small business owner finding it hard to sleep at night.
The average ransom demanded is over $200,000, and even though most small businesses pay the ransom, they only get back an average of 65% of their data.
While it makes sense to partner with a cybersecurity consultant to ensure your business is protected, there are steps you can take now to secure your business against the dreaded ransomware attack.
Backing up your business-critical data and systems is a relatively easy and cost-effective measure that enables recovery, provided you use the 3-2-1 backup model. What is 3-2-1? It means you back up your data to three sources. Two of the sources should be different media: cloud and physical (e.g. external backup drives). One must be stored off-site (e.g. at the business owner’s home, locked in a safe).
Most systems can be set to automatically back up files to a cloud source like OneDrive Folder Sync (Windows 10 and 11) or File Locker (macOS). Make sure the folders you select contain your business-critical data, and use encryption features where available. Buy a new external hard drive with enough storage space to hold your data and a system image as well. As with cloud backups, use encryption features where available.
You’ll need to perform external drive backups as frequently as makes sense. So, if your business relies on daily or weekly changes to your critical files, back them up accordingly. If your systems change monthly for updates, security patches, and other changes, make sure the image backed up is the most recent version. Perform additional backups when any major change happens between your scheduled backups (e.g. new software is added or removed, you’ve performed a recovery from backup, etc.). And definitely take one of those physical backups off-site!
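One way to check a backup inventory against the 3-2-1 model and backup schedule described above, as an added example that is not part of the original article. The inventory entries, field names, and the seven-day threshold are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class BackupCopy:
    name: str              # label for this copy (sample names are constructed)
    media: str             # "cloud" or "physical"
    offsite: bool          # kept away from the business premises
    encrypted: bool        # encryption feature turned on for this copy
    last_backup: datetime  # when this copy was last refreshed


def check_321(copies, now, max_age):
    """Return a list of findings; an empty list means the set passes."""
    findings = []
    if len(copies) < 3:
        findings.append(f"only {len(copies)} backup sources, need 3")
    if len({c.media for c in copies}) < 2:
        findings.append("all copies use one media type, need cloud and physical")
    # The article asks for one of the physical backups to be taken off-site.
    if not any(c.media == "physical" and c.offsite for c in copies):
        findings.append("no physical copy stored off-site")
    for c in copies:
        if now - c.last_backup > max_age:
            findings.append(f"{c.name}: stale, last backup {c.last_backup:%Y-%m-%d}")
        if not c.encrypted:
            findings.append(f"{c.name}: not encrypted")
    return findings


# Constructed sample inventory; the 7-day cadence is an assumed schedule.
NOW = datetime(2024, 9, 1)
SAMPLE = [
    BackupCopy("cloud sync", "cloud", True, True, datetime(2024, 8, 31)),
    BackupCopy("office drive", "physical", False, True, datetime(2024, 8, 30)),
    BackupCopy("home safe drive", "physical", True, False, datetime(2024, 7, 15)),
]

if __name__ == "__main__":
    for finding in check_321(SAMPLE, NOW, timedelta(days=7)):
        print("FAIL:", finding)
```

Set `max_age` to match how often your critical files change, and rerun the check after any major change such as new software or a recovery from backup.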
The second, but no less important, step is to train your staff to look for the signs of phishing and other suspicious tricks attackers use to execute their ransomware on your systems. You’ve probably seen videos or had some training on phishing, but make sure you train every member of your staff to be suspicious and not click on any links or visit websites that aren’t completely trusted and appropriate in the conduct of your business. People are the weakest link in nearly all cyber-attacks, and ransomware is no exception.
If you find your business has been attacked, you should probably seek professional Incident Response support. This is the fastest way to get your business back up and running. Having your backups up to date and multi-sourced using the 3-2-1 method enables the responders to restore functionality quickly and reduce the losses in both data and dollars.
We Know Cyber can help you prepare for and recover from a cyber-attack, but your own proactive steps can prevent it from happening and smooth the path to recovery.
For more details about ransomware attacks in the first half of 2024, see https://www.infosecurity-magazine.com/news/ransomware-demands-staggering-5m/?&web_view=true