Did you know that 79% of Managed Service Providers report that clients have experienced some level of business-threatening downtime?
And that 14% of a total 45% of small to medium businesses that do pay ransom to a cyber criminal never recover their data?
The statistics are staggering but the
threat to small business is very real. And scary.
Because cyber criminals can literally close
a business down.
How does ransoncloud work?
As more and more businesses make the
inevitable jump to cloud-hosted solutions for data and file storage like
Dropbox, G-suite, Microsoft 365, Xero, MYOB, Salesforce and more, cyber
criminals are exploiting vulnerabilities to hack into their IT systems and encrypt
their files.
What this means for you is that you can no longer use or access your files.
Ransomcloud, or rasomware as it is commonly known, typically comes in the guise of a phishing email. Employees who click on a link or attachment launch the malware and it scrambles or encrypts the data on their work station in such a way that it is rendered completely unreadable, and effectively, useless.
Worse, if those employees have access to
company files on a network, those files may also get encrypted.
You get the picture…
Every email in your inbox may become encrypted. In severe cases, whole databases full of customers may even be gone and there’s no way to get them back – that’s when you get the chilling pop up message on your system asking you to ‘pay the ransom’ and the files will be restored. Hence, the name.
Typically, it involves paying by Bitcoin, after which you are then sent an encryption key to “hopefully” recover your files.
But doesn’t the cloud hosteed servers protect my files?
One of the big misconceptions about cloud-hosting is that it is completely secure. It’s just not the reality. The cloud is not fail-safe.
Yes, large cloud-hosted applications will
have multiple levels of security to prevent hacking (you’ll all be familiar
with two step authentication, for example, for internet banking) but it’s the
devious nature of ransomware and how cleverly disguised the phishing emails are
that makes it so deadly.
It’s not always the case but sometimes phishing emails are so well designed (featuring logos, fonts and branded colours from big software providers) that it’s difficult to tell whether they’re fake or not.
And if your employees are in a hurry or
just not aware of the threat? A few simple clicks is all it takes to infect the
whole system.
Where human error is at play – which is
always – businesses will be exposed to some extent to greater vulnerabilities.
So,
what can I do to protect my business?
It starts with putting both a business continuity and disaster recovery plan in place to ensure you have efficient, backed up data files that work. You also need to check that the backed up data is checked regularly and is immediately deployable when required. Microsoft, for example, recommends that backups be kept in external, non-mapped or not-synced storage.
The name of the game here is to avoid
downtime and missed opportunities with customers. Losing your data through
ransomcloud is a hugely stressful experience and it can very costly if the
encryption cannot be undone.
Consider an effective disaster recovery plan
to be the best insurance policy your business ever invested in.
Disaster recovery is generally the responsibility of the IT department, but what if you don’t have one? Or you’re not sure what solutions they have in place? Or even if they work?
That’s where Expert can help.
If you’re not sure what to do about
protecting your business data, give our team a call. Our IT technicians will be
happy to run through a free security audit and offer some helpful solutions as
to how you can protect your business. Call 03
9474 0044 now or email sales@expert-telecom.com.au.
