Your First Cyber Security Move in 2021? Start With Backups
What many businesses don’t realize is that their best defense against disruption from ransomware and other cyber attacks is data backup and recovery.
There were thousands of ransomware attacks in 2020. Businesses that worked with a managed service provider (MSP) such as SWAT Systems recovered their data for less money and fewer headaches than paying the ransomware demand. Forward thinking and developing a recovery plan pays off.
Data Backup and Recovery After a Ransomware Attack
Sophos, a company that makes antivirus and encryption products used worldwide, recently released their 2020 State of Ransomware Report. It found that, of organizations that get their data back after a ransomware attack, only 26 percent recovered data by paying the ransom. Most businesses — 56 percent — recovered data by restoring their backups.
Paying the ransom also doubles the cost of data recovery and rewards criminals, encouraging more cybercrime. So, invest now in prevention and backups so that if you are attacked, you won’t even have to consider paying the ransom.
Here are a few tips for better cyber security in 2021.
- Create (or update) your data backup and recovery plan. Your IT team or MSP will help you decide which type of backup solutions are best for your business and your budget. They will also plan how often to implement them.
- Train your team to spot attacks and avoid falling victim (that means everyone and often). Do they know how to spot emails, texts, social posts that might not be legit? The best MSPs include training your team as part of their package. MSPs also have the manpower and technology to stay on top of the latest trends in malicious attacks.
- Control cyber security at the device level to make sure every device on your network is protected. Firewalls or third-party devices can protect against ransomware and provide complete endpoint protection. Install one today. (Yes, an MSP can help with this, too.)
- Run simulations of cyber attacks. This is not that easy to do on your own, which is another reason to work with an MSP. Simulations identify weak areas where re-education or additional training might be needed so that staff doesn’t expose the company to a data breach.
Is Your Business or Industry at High Risk?
Aside from the software supply chain cyber attack on Solar Winds in December, some of the largest cyber attacks in 2020 were small businesses, as well as cities, schools and hospitals.
Small and Medium-Sized Businesses
Considered soft targets, small and medium-sized businesses are not only top targets, but one attack can put them out of business. According to an Inc. report, the National Cyber Security Alliance found that 50 percent of small businesses had experienced an attack and 60 percent of those were out of business within six months.
And, the attacks were most likely preventable given that the same study found that 43 percent of small businesses did not have any cyber security defense plan.
Attacks on small businesses rarely hit the news, certainly not like Solar Winds, Microsoft and other mega companies. But the impact of a cyber attack on small businesses can be especially devastating, according to that same study. Here are the reported facts:
- It cost $10,000 or more to resolve the breach, according to 25 percent of them
- It took 24 hours or more to recover from a breach, according to 50 percent
- Business was lost by 25 percent
- 40 percent reported losing data
Again, all preventable with a cyber attack defense plan in place!
Cities and Municipalities
The city of New Orleans was hit with ransomware early in 2020, shutting down 4,000 of its computers and demanding $7 million to restore the city’s systems. But the city did not give in to the ransom demand. It opted to invest $4.5 million to remedy some of the damage, only $3 million of which it recovered from insurance.
The city eventually replaced 400 computers, increased its insurance coverage, updated its software and developed a much needed disaster plan for the future. It took more than six months to get back to a semblance of normality.
Hospitals and Medical Facilities
Six U.S. hospitals were hit in July 2020 with a coordinated attack that forced patients on their way to the hospital to divert to other healthcare providers, delaying critical care. Patients already in the hospital were also affected, as needed tests and treatments weren’t possible because systems were compromised. A red alert went out to all U.S. hospitals as a result.
Schools and Universities
In early 2020, the University of California San Francisco paid $1.14 million to get a key to decrypt its data after being hacked. The University of Utah paid $457,059.24 to unlock its files and restore its phones and internet services. K-12 schools in New York, Connecticut, Oklahoma, Nevada and New Mexico were also hacked and compromised.
What do all these attacks have in common? The targets were businesses and organizations that often don’t usually have the most up-to-date IT equipment or staff with extensive cyber security experience to combat the cyberattacks. Don’t be one of them: Get on the path to better cyber security today. Your first step? That data backup and recovery plan so if an attack does occur, you can recover quickly and at a lower cost.
You are Going to Get Hacked
Know What to Do with our Checklist
Whether you've been hit by ransomware or are just worried about a ransomware attack, this checklist can help. This one page checklist has simple instructions to help your team act fast and feel confident in how to respond. Print, post and prepare your team wo know what to do in a ransomware attack.