How to Protect Your Company From Ransomware Attacks

The average cost of a data breach has increased from $5.4 million in 2013 to $6.5 million at present. Even more troubling? The fact that 60 percent of organizations fail within six months of getting hacked.

Oct 18, 2018

The average cost of a data breach has increased from $5.4 million in 2013 to $6.5 million at present. Even more troubling? The fact that 60 percent of organizations fail within six months of getting hacked.

Cyberattacks have become big business for hackers, so the stakes of your business have never been higher. In March, the city of Atlanta suffered a massive ransomware attack that is estimated to cost over $11 million to fix. In the case of Atlanta, the warning signs were there, but they were ignored. By the time the damage was done, the city had to take a reactive approach in attempt to recover their losses. This is an unfortunate reality for many organizations and institutions, no matter the size.

Establishing and following preventive strategies to keep systems safe should be a no-brainer for all organizations, but sometimes these efforts fall by the wayside. From a ransomware prevention perspective, there are many moves that can be taken immediately to prevent attacks before they take hold.

To prepare your organization to be well-equipped when it comes to protection from a ransomware attack, the following items are critical:

  • Systems should be continuously monitored and patched: A major fault of many organizations is failing to ensure all systems are up to date and monitored. With up-to-date monitoring systems and vulnerability scans in place, organizations can be aware of when potential threats arise. Being ahead of the threat is the only way to prevent an attack.
  • Employee training program: Employees should be made aware of scam emails and what attachments they should avoid opening. Once attachments are opened through a phishing email, the scammer can easily access the system and infiltrate. Making trainings available to employees can keep money and valuable data in the employer’s pocket later.
  • Have a sound backup in place: It is vital is to perform regular backups of systems so data can be restored to a point in time prior to the ransomware entering the environment.   

In today’s all access environment, there are many tools out there now to detect the heuristic characteristics of ransomware. These tools are used by many organizations so they can continuously scan and check for potential threats.

Once the groundwork is laid, highly qualified experts should be on the lookout to detect any error a tool may miss. We conduct tests for our clients, usually on at least an annual basis, and run thorough testing to bolster cyber defenses.

In the event that a ransomware attack makes its way into your system, the most important step is stopping its spread. The sooner an organization can stop a ransomware attack, the better off it will be. The following are the immediate steps that should be taken in the event of an attack.

  1. Shut down the system as quickly as possible so it does not spread: Taking systems offline can allow the organization to determine what has been affected. 
  2. Restore systems that have been affected: Restore data and systems from backups that have been impacted by the hack.
  3. Rebuild: If needed, rebuild systems that did not have adequate backup, but only when restoration is not possible, to save time, energy and money.

If an organization is not equipped with up-to-date backups, they could be subject to a rude awakening. Without backups, organizations could be held at ransom, and in the worst cases be forced to pay the criminals or suffer from having to rebuild a completely new environment and lose data that will be difficult—if not impossible—to restore.  

To avoid finding oneself in a helpless situation, executives must place high importance on cybersecurity. Although having systems in place may appear costly at the onset, the costs often pale in comparison to the price of reconfiguring a whole online environment, as was the case in Atlanta.

As busy organizations, we get caught up in the day to day and forget about potential setbacks. It’s all too easy to believe a ransomware attack won’t happen to you. This belief is idealistic, but unfortunately is often untrue. Ransomware attacks happen every day to organizations large, medium and small. To get ahead of the potential hack and prevent stress and loss of finances, be proactive and protect your organization today.

Jessica Dore leads Rehmann’s Technology Risk Management Group.

Read Next
Financial Cyber
Cybersecurity
Ransomware Report Shows Fewer Incidents, Future Concerns
May 3, 2024
Latest in Cybersecurity
All-In-One Manufacturing Management
Sponsored
All-In-One Manufacturing Management
May 1, 2024
General Cyberattack
CISA, FBI Release Secure by Design Alert
May 3, 2024
Financial Cyber
Ransomware Report Shows Fewer Incidents, Future Concerns
May 3, 2024
Manufacturing Infrastructure Cyber
CISA Releases Latest ICS Advisories
May 3, 2024
Related Stories
Financial Cyber
Cybersecurity
Ransomware Report Shows Fewer Incidents, Future Concerns
Cybersecurity
Cybersecurity
ZAG Technical Services Announces New Cybersecurity Offering
I Stock 1251037786
Cybersecurity
What is Volt Typhoon?
All-In-One Manufacturing Management
Sponsor Content
All-In-One Manufacturing Management
More in Cybersecurity
Intuitive and Flexible Manufacturing ERP
Sponsored
Intuitive and Flexible Manufacturing ERP
Acumatica looks to offer new solutions.
May 1, 2024
General Cyberattack
Software
CISA, FBI Release Secure by Design Alert
The two agencies are urging manufacturers to eliminate directory traversal vulnerabilities.
May 3, 2024
Financial Cyber
Cybersecurity
Ransomware Report Shows Fewer Incidents, Future Concerns
The fear is that larger RaaS groups are exercising greater control over their affiliates.
May 3, 2024
Manufacturing Infrastructure Cyber
Cybersecurity
CISA Releases Latest ICS Advisories
Cisco, Siemens, Honeywell and Mitsubishi systems top the list.
May 3, 2024
Ep92tn
Video
Security Breach: Predictions That Hit
A look back at Security Breach guest's most accurate and timely industrial cybersecurity predictions.
May 2, 2024
Ransomware
Cybersecurity
Report Identifies Hidden Costs, Challenges of Ransomware
Too many are paying, and the reasons range from understandable to infuriating.
April 25, 2024
Ep90
Video
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
The new factors impacting a growing attack surface, and how to evolve your cyber risk strategies.
April 25, 2024
Fleet Of Fed Ex Delivery Trucks In A Parking Lot 483290419 4500x3000 (1)
Cybersecurity
Transportation and Logistics Under Siege
A look at how this vital and increasingly targeted market sector is responding to more cyberattacks.
April 24, 2024
Industrial Cyber
Cybersecurity
5G, AI and More Are Changing OT - Why Zero Trust Could Be the Solution
Maximizing technology investments while maintaining security.
April 24, 2024
Manufacturing Infrastructure Cyber
Cybersecurity
Avoiding Shutdowns from Ransomware Attacks
A strategic approach for protecting OT networks.
April 24, 2024
IEC 62443 is a key standard to reduce risk of cyberattacks in industrial workplaces.
Cybersecurity
How to Build a More Secure Connected World with IEC 62443
The goal is better efficiency, improved sustainability and interoperability, enhanced reliability and greater cost-effectiveness for system integrators, product suppliers and other stakeholders.
April 24, 2024
Coding
Cybersecurity
CISA Releases 7 ICS Advisories
Unitronics, Rockwell and Mitsubishi head the list.
April 19, 2024
Financial Cyber
Cybersecurity
Alarming Trends Reinforced in Ransomware Attack of Semiconductor Mfr.
Experts assess the fallout from the Dark Angel attack on Nexperia.
April 19, 2024
Industrial Cyber
Cybersecurity
Hexagon, Dragos Announce Partnership
The team-up looks to "revolutionize OT cybersecurity."
April 18, 2024
Ransomware
Cybersecurity
Report Shows Updated Ransomware Concerns
Hackers are elevating the complexity of their attacks - making them harder to detect.
April 18, 2024