Russian Ransomware: Small Businesses Beware!

Ransomware, a type of malware that encrypts the victim’s data and demands payment to restore access, has been on the rise in recent years.

According to SecureLink CTO Joel Burleson-Davis, ransomware attacks accounted for 22% of all cyber-intrusions in 2021. Because cybercriminals can easily distribute this malware, it has quickly become popular among hackers.

Now, they are increasingly pursuing smaller targets.

Small firms are the most vulnerable to ransomware attacks. According to Mayorkas, a Homeland Security Secretary, half of the ransomware victims in 2021 were small businesses.  Small businesses were the “ideal target,” according to Corey White, CEO of security firm Cyvatar, because most are ignorant as to which of their systems are exposed online.

Ransomware: Another Near-Home Invasion

Recently, President Joe Biden issued a warning that Russia may be planning cyberattacks on the United States.

Cybersecurity experts say that the likelihood of ransomware attacks has doubled since Russia invaded Ukraine. They also predict that sanctions imposed by the U.S. and its allies are likely to escalate ransomware attacks.

TruU CEO Lucas Budman likewise foresees that US-led global sanctions will surely boost attacks.

What Small Businesses Should do

Secretary of Homeland Security Jen Easterly reiterated that Biden urged business organizations, both small and large, to strengthen their cyber defenses.

Here are some measures businesses can take to protect themselves against unauthorized cyber activities:

1 – Use Multifactor Authentication

Implement basic Data Breach Prevention Measures, including MAF, on your internal systems. A Microsoft study claims that MAF could have prevented over 95% of all cyberattacks.

2 – Create Regular Backups

Make regular backups of your system files so that you can restore them in case they become infected or compromised.

3 – Protect Your Credentials

According to Tessa Mishoe,  LogicHub senior threat analyst, attackers often use stolen credentials to gain unsolicited access to networks. Thus, it’s critical to practice good “password hygiene,” which is changing passwords on a regular basis to avoid unauthorized usage.

4 – Update Softwares and Install Security Tools

All operating systems, softwares, and apps should be updated. Additionally, install antivirus software and make sure that the security patches for anti-malware, firewalls, and other security products are always up to date.

5 – Be Cautious of External Links

Mark Ostrowski of Check Point warns against following links in emails or SMS messages since they could lead to a malicious file or infected websites.

6 – Train and Prepare your Employees

Tessa Mishoe, LogicHub senior threat analyst, says that employees should be your defense frontliners.  Educate your entire crew on social engineering and phishing scams to make them an extension of your security team instead of possible victims. Your people might be your most valuable resource!