Safeguarding from a Ransomware Attack: What to do First
Recently, in our very own backyard, the City of Tulsa faced a ransomware attack that took down their computer network and has caused a lot of downtime within the local government and inconvenience to the citizens of the city. Unfortunately, this ransomware attack isn’t an outlying occurrence, at the 2020 Cybersummit, the FBI noted that, “Over the last year or so, we’ve really seen an explosion of ransomware and we’ve seen the ransom demands increasing from tens of thousands of dollars in 2015 to hundreds of thousands of dollars and most recently we’ve seen ransom demands in the order of millions of dollars.” According to an article in the Tulsa World updated on May 11, 2021, the City of Tulsa’s IT department did eventually locate the threat and they have been actively trying to get the issue fixed, getting the network back to operational has been a lengthy process.
If prominent companies and organizations can be hit by attackers, how does the average small to medium sized business protect its data and minimize damage and downtime if targeted by a ransomware attack?
Get a cyber security audit done for your network. VIP has the capabilities and expertise to audit your business and assess vulnerabilities to customize a solution to mitigate your threats of a ransomware attack. Had the city of Tulsa had an audit done, their IT team might have been made aware of vulnerabilities in their network before the ransomware attack.
Make sure you’re using the right security software and hardware. As with most things in life, you get what you pay for. If you’re in the habit of using free security software on your systems, this is your sign to ramp up your security. Often, free software causes more harm than good, and if you’re protecting the data that your company needs to do business, then you need software and hardware that’s actually going to do the job. Currently, VIP uses Fortigate firewalls for edge security and Sentinel One software for endpoint protection. We make it our business to stay up to date on the latest in cyber security and offer nothing but the best for our customers.
Have an offsite, reliable backup. While it’s good to have an onsite backup for some restores, to make sure your data can be restored in the event of an attack, it’s always best to have an offsite backup that’s being maintained on a regular basis. Attackers will oftentimes try to corrupt any online backups you may have, so before you go about restoring your system with the backup, verify that the data is both accurate and recoverable. We recommend the 3-2-1 method for backups, meaning you should have at least 3 copies of your data on 2 different mediums, 1 of which is offsite.
Make sure your network is secure and being maintained whether by an in-house IT specialist, an outsourced IT specialist, or a combination of both. Many companies believe it has to be one or the other. But supplementing your current IT department with a Managed IT Services plan can help ensure that nothing is slipping through the cracks and your IT team has the time to accomplish other tasks while VIP manages monitoring and maintenance of your network.
It’s important to note that if any IT or cyber security company promises you that with their services your company’s data is bulletproof, they’re not being fully honest with you. At VIP Technology Solutions Group, we believe in transparency, and we guarantee that risks to your cyber security will be mitigated and that in a worst case scenario, we will do everything we can to restore your businesses network and data. We make sure that the cyber security solutions your company has access to are up-to-date and protect against the latest known threats.
If your company is interested in Managed IT Services to ramp up your cyber security, get a free evaluation here.