Eight Steps to Protect Your Small Business from Ransomware

December 01, 2017

Ransomware infections against businesses occur at an alarming rate – every 40 seconds a company suffers an attack. A pop-up appears on a computer screen saying all data has been locked and access can be restored only if the user pays ransom.

This has become a common, dreaded scenario. The average ransom demand currently is $1,000, though organizations have paid tens of thousands in some cases. No one, from individuals to small businesses to multinational enterprises, is immune from attack. You must take precautions against ransomware for your business. Nearly half of ransomware attacks infect 20 computers or more, so an attack on a small company could shut down operations for days.

Ransomware is the No. 1 cybersecurity concern for a reason – it’s effective. Hackers know many companies fail to plug their security holes, leaving them an open invitation to attack. And because up to 40 percent of small businesses do not back up data regularly, attackers know many will pay ransom demands rather than lose critical data.

Defense Plan

To avoid becoming another ransomware statistic, you need a solid cybersecurity strategy that includes deploying advanced protection tools, enforcing well-defined security policies and implementing user awareness programs. Here are eight tips to protect against ransomware:

1. Endpoint Security

Endpoint security is a more comprehensive version of the traditional antivirus tools that protect computers from malware. The more sophisticated endpoint protection platforms scan and block malware, and use machine learning to identify zero-day threats and other previously unseen malware, including many ransomware variants. Endpoint protection is an essential security component.

2. Anti-phishing Tools

Although hackers use other methods to deliver ransomware, phishing remains a favorite because it preys on user trust, curiosity and fear. Anti-phishing tools, such as email and spam filters, sift out malicious URLs and attachments to prevent users from unwittingly downloading malware.

3. Firewall Protection

Firewalls block unauthorized content by using controls such as denying access to IP addresses known to deliver ransomware. Even if a ransomware payload is delivered, a firewall still can prevent it from communicating with the command and control server from which it would receive instructions to lock out data. This could stave off infection until the ransomware is detected and removed.

4. Patch Management

The fast-spreading WannaCry and Petya ransomware attacks in 2017 exploited vulnerabilities in Microsoft’s Windows Server Message Block (SMB) protocol. Patching those vulnerabilities would have prevented infection, which is why patch management is critical to fighting ransomware. Businesses need strict patching policies to make sure users don’t ignore software update prompts. Even better, businesses should deploy automated patch management so no human action is needed.

5. Access Controls

Limiting access to sensitive data to the fewest users possible helps prevent attacks. Employees should get access only to the data they need to do their jobs, so access controls for files, directories and network share permissions should be configured with that in mind. This helps limit the possibility of a leak and makes it easier to identify its origin if one happens.

6. Macro Scripts

A common method of delivering ransomware is to hide it in macros that run when users open or download a compromised file. Macros automate repetitive tasks in applications such as Microsoft Word and Excel and are triggered from toolbar buttons and keyboard shortcuts. Disabling macros in the Office Preferences dialog box can prevent these types of infections.
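A quick way to check two of these controls (step 4, SMB exposure after WannaCry and Petya, and step 6, Office macro settings) on a Windows host is the PowerShell audit below. It is an added example, not part of the original article or any Comcast Business tooling; it assumes the Office 2016-style registry layout (version key `16.0`) and only reports, it changes nothing.

```powershell
# Added example (not from the original article): audit SMBv1 status, last installed
# hotfix, and Office macro settings on this host. Run in an elevated PowerShell session.

$findings = @()

# Step 4, Patch Management: WannaCry/Petya spread over SMB. At minimum SMBv1 should be off.
try {
    $smb = Get-SmbServerConfiguration -ErrorAction Stop
    if ($smb.EnableSMB1Protocol) {
        $findings += "SMBv1 server protocol is ENABLED - disable it and apply current SMB patches."
    } else {
        $findings += "SMBv1 server protocol is disabled (OK)."
    }
} catch {
    $findings += "Could not query SMB server configuration: $($_.Exception.Message)"
}

# Report the most recently installed hotfix as a rough signal of how current patching is.
$lastFix = Get-HotFix | Sort-Object InstalledOn -Descending | Select-Object -First 1
if ($lastFix) { $findings += "Most recent hotfix: $($lastFix.HotFixID) installed $($lastFix.InstalledOn)" }

# Step 6, Macro Scripts: VBAWarnings per Office app.
# 4 = all macros disabled without notification, 3 = only digitally signed macros run,
# 2 = disabled with notification (Office default), 1 = all macros enabled.
$officeVersion = '16.0'   # assumption: Office 2016/2019/Microsoft 365 registry layout
foreach ($app in 'Word', 'Excel', 'PowerPoint') {
    $policyKey = "HKCU:\Software\Policies\Microsoft\Office\$officeVersion\$app\Security"
    $userKey   = "HKCU:\Software\Microsoft\Office\$officeVersion\$app\Security"
    $value = $null
    foreach ($key in $policyKey, $userKey) {       # a Group Policy setting wins over the user setting
        if (Test-Path $key) {
            $value = (Get-ItemProperty -Path $key -Name VBAWarnings -ErrorAction SilentlyContinue).VBAWarnings
            if ($null -ne $value) { break }
        }
    }
    if ($null -eq $value) {
        $findings += "$app macros: no setting found; Office default applies, so users can still click 'Enable Content'."
    } elseif ($value -eq 4) {
        $findings += "$app macros: disabled without notification (OK)."
    } elseif ($value -eq 3) {
        $findings += "$app macros: only digitally signed macros allowed (acceptable)."
    } else {
        $findings += "$app macros: VBAWarnings=$value - users can enable macros; set 4 (or 3) via Group Policy."
    }
}

$findings | ForEach-Object { Write-Output $_ }
```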

7. Backup and Recovery

Regular data backups are key to fighting ransomware. An automated data backup and recovery solution is best so you don’t have to rely on users to do it. If struck by ransomware, your business can simply restore its data to resume operations after the malware is removed.

8. User Awareness Training

No security plan is complete without user education. Most security incidents start with human action, whether malicious or unintentional. Users need to learn about cyber dangers and how to avoid them. Some of the areas that training should address: Do not open suspicious emails; avoid accessing private information through public WiFi networks; use strong passwords and don’t share them or corporate-issued devices with others. Training should be ongoing to cover new threats and remind users of safe computing practices. When it comes to security awareness, repetition is safety.

Don’t Be a Victim

Ransomware isn’t likely to go away any time soon. Hackers will continue to use it as long as they can make money at it. By taking these eight steps, your company will have a much better chance to avoid becoming the next victim of ransomware.
