For much of ransomware’s evolution, many small and medium-sized businesses (SMBs) have failed to embrace the idea that they are ransomware targets. After all, why target an SMB when Fortune 500 companies have the much deeper pockets? Seemingly, a hacker is far more likely to attack Walmart than Walter’s Corner Market. But that confidence is rapidly evaporating.
No SMB target is ‘too small’ anymore
Ransomware has become commonplace, a staple of local and national news. We have seen breaches in colleges/universities, art galleries, construction companies, and municipalities (Leonardtown just the other week!). The problem is occurring everywhere and SMBs are now bearing the brunt.
The thing is that an SMB’s size actually make them more of a target and not less. The reason is that a successful hack on a major company is usually met with overwhelming return firepower. A huge company can respond with resources, system redundancy, and a whole toolkit to make the hacker’s lives tougher.
But the corner drugstore? No. A corner drugstore will be brought to their knees and the owner may be more likely to simply pay the money so they can get on with their business. This has now created an odd inverted dynamic where the companies that are the most vulnerable are usually the ones that can least afford a hack.
Ransomware problem will get worse before it gets better
The main reasons for this are that small business owners are known to not invest in IT security, or in security awareness training. The bad guys view small business owners as low hanging fruit and easy targets. Small businesses are overconfident and underprepared. That’s a bad combination. If you run a small health clinic or even a family bakery with a handful of computers in the backroom, you are now a target.
So what can be done to circumvent this threat as best as possible?
As this threat has increased over the past few years Idea Solutions has implemented additional software and procedures that bolster the security stack that’s responsible for providing the protection to your network, servers, PC’s and data. New software that includes Artificial Intelligence that looks for processes out of place, or actions that look our of the ordinary. Programs that will enforce security patches for your PC’s. And more thorough anti-virus/malware software. These additional features were a necessity to stay ahead of this growing threat.
But even with all these measures in place, ransomware is still a major threat. Most ransomware is invited into your network via one of your employees. How? Almost always email and lack of training. The good news is that one of the most effective weapons is one of the least expensive: awareness training. And this is only one of the additional features Idea Solutions offers to help protect you from ransomware. Below are security features available to our clients:
- MANAGED DETECTION AND RESPONSE (MDR) – Security Operations Center (SOC). An MDR service provides 24/7/365 coverage so your organization can focus on other priorities. Let an experienced MDR team monitor, actively hunt, and respond to real-time threats. MDR teams consist of former US Government Cyber Security operators.
- Risk and Vulnerability Assessments
- Social Engineering Exercises (Uses weaknesses in human nature to access company information. Phishing simulations to test the awareness of your staff).
- Security Awareness Training (train your users, Phish your users, and track your results).
- Incident Response Planning and Assessment (Ensure an organized approach to managing a cyber incident. Half day to multi-day table top exercises).
If you have questions regarding the current threat of ransomware, or are interested in any of these additional security measures please contact us to discuss.