Historically, most ransomware attacks have been launched against large corporations with enough capital to procure a ransom. Some small businesses have been affected, but these attacks have mostly targeted medium to large tech companies.
Nobody is immune to a ransomware attack
You might be surprised to learn that ransomware attacks have become a huge problem in the industrial sector. Energy sectors like oil & gas and even power have been targeted by cybercriminals. For instance, a natural gas compression facility was recently attacked by ransomware, disrupting pipeline operations. The ransomware encrypted data across a variety of assets, causing a partial loss of view for human operators. However, no programmable logic controllers were affected.
Even though the facility did not lose control of operations, they chose to shut down, which inevitably led to lost revenue.
While nobody can predict when the next ransomware attack will occur, you can prevent the need to pay a ransom if your data does end up getting hijacked by a cybercriminal. Here’s how.
1. Get your cybersecurity solutions from security experts in your industry
It’s important to get cybersecurity tools and advice from security experts in your specific industry. Many security solutions are perfect in some industries, but not in others. For example, protecting patient data in the health industry requires compliance with regulations like HIPAA. Meeting compliance requirements necessitates more security than standard applications provide.
Since the energy sectors are getting hit hard with ransomware attacks, they’re also looking to experts in their industry for solutions. For industrial companies, standard firewalls and malware scanning aren’t enough. These companies are facing a different threat. Hackers are targeting industrial control systems (ICS) with ransomware, including sensors and controllers. When sensors and controllers are compromised, the entire operation is in jeopardy.
To protect these industries, a company called Mission Control released an integrated all-in-one platform that protects the network and the field devices controlling the cyber-physical processes.
Whatever industry you’re in, seek security solutions from an expert in your field to get appropriate protection.
2. Tighten up your existing cybersecurity plan
You can’t prevent all ransomware attacks, but you can eliminate areas of weakness to prevent some attacks.
Go over your existing IT security plan with a security expert to find out where your company’s assets might be at risk. Is your web server secure? Do your employees have restricted access to the company network? Do you allow remote employees to use public Wi-Fi?
Find your security vulnerabilities and patch them up whether you need to change servers or enforce stricter policies.
3. Store backups of your data offline
Imagine waking up to a message that says your company data has been encrypted and won’t be released until you pay a ransom of $500,000. What would you do?
If you’ve got a copy of your data and operating system(s) stored offline, you wouldn’t bat an eye. You’d deploy a fresh server, upload your data from your backups, and get back in business. Simultaneously, you’d hire an expert to trace the security breach to the source.
Always keep at least one of your data backups offline along with the last known good configuration of your operating system. Back up your company computers and web servers to avoid having to pay a ransom for your data should you become the victim of a ransomware attack. Just make sure your offline backup is stored on some form of removable media so it can be disconnected from devices that access your company network.
It’s important to note that data backups are only helpful after you’ve been attacked with ransomware. You still need to employ defensive mechanisms like user education, app whitelisting, restricting user permissions, and active malware scanning.
4. Use immutable storage
Not all backup storage devices are equal. Some devices are more easily infected than others. For instance, standard disk-based backup systems provide protection at the block level. Files are protected with changed block tracking as they are modified. A ransomware attack changes your storage blocks to encrypt data. That means your system will back up the encrypted files, rendering your backup useless.
If you’ve never used immutable storage, you’re in for a treat. Immutable storage allows you to restore your data to specific recovery points and protects storage blocks against modification for a specified period of time, including forever.
When using an immutable storage device, once data is written it cannot be deleted or altered, even by a systems administrator.
Don’t skimp on security
With cybersecurity, you can’t be too careful. If you’re not prepared, one ransomware attack can destroy your business.