Municipalities have again made headlines for being the victims of ransomware attacks, with reports saying as many as 22 municipalities in Texas have been targeted. Ransomware is a malicious software application that locks owners out of their computer networks until an amount of money set by the attackers is paid.
According to the New York Times, hospitals, businesses and other networks have been targets of ransomware attacks for some time. But in recent years, hackers have increasingly focused on local governments. The FBI cautions companies and municipalities alike not to pay ransom.
Clearly, the easiest way to deal with ransomware is to prevent it from happening. Did you know that the leading cause of ransomware is people? More specifically, insufficiently trained people. Every time we see a major malware attack or data leak, such as those experienced recently on a large scale in Texas and by major information holders like Equifax or Target, it’s caused by something that was completely avoidable.
While we don’t yet what allowed the actor access in the Texas case, to mitigate the risk of a malware attack, companies need to create a culture of best practices. Help employees understand when to be suspicious of a sender, link or an attachment; tell them what they are expected to do and why. Don’t get lazy and skip over important steps to keep your data secure, like requiring frequent password changes, running all your network patches, establishing network access user controls and limiting superuser login access for day-to-day tasks.
Network security is never a set-it-and-forget it prospect. It requires regular communication and training, constant vigilance, consistent processes, deliberate planning and strict commitment to protecting your data.
Don’t forget: Ransomware is a prime example of a manmade disaster for a company. What’s your backup and DR strategy? Offsite backup and disaster recovery as a service (DRaaS) are two examples of tools you can employ in the event of an attack, especially when they are separate from your local network (in fact, you should make sure they are). Simply restore your data from the last point before the attack. You may lose a few hours worth of data; however, it’s better than losing ALL of your data permanently!
When it comes to the cost associated with protecting your data, far too many companies gamble that the low likelihood of attack combined with the cost savings realized by skimping on training, processes and automation will tip the odds in their favor. However, even one breach of your data can cost exponentially more than investing in doing it right on the front end. From a risk analysis perspective, it’s baffling to us that there’s a line item for furniture as an asset on a business’ balance sheet, but none for the value of your data. That data is actually your most priceless asset and that should be reflected on your books.
Anxious to shore up your security strategy against ransomware and other cyber attacks? Otava can help. As a secure, compliant provider of hybrid cloud solutions, our experts are trained to detect vulnerabilities in your environment in all aspects, including people, processes and technology. To learn more, contact us or call us today at 877-740-5028.
Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.