It was only a matter of time before ransomware made international headline news; and repeatedly. First, it was the WannaCry attack that spread globally in a matter of days, then the more recent NotPetya attack hitting businesses hard, affecting both large global corporations and small to midsize businesses (SMB).
Why did this happen?
The attacks stemmed from a vulnerability leak that contained multiple zero-day exploits, including EternalBlue, which was the vulnerability that WannaCry used to infect thousands of computers in May. And while Microsoft did release a patch last April to safeguard systems from attacks against nine of the leaked vulnerabilities, many businesses who still had legacy systems (i.e. Windows XP or older) or hadn’t patched their systems fell victim to the recent attacks.
What is next security threat?
The truth is no one can accurately predict which threats will emerge next, the two most recent attacks suggest the next major attack will likely exploit another vulnerability from those leaked recently.
How do I protect my business?
To minimize the chance of your business being hit with an advanced threat, follow these best practices with the help of your Managed Services Provider (MSP):
Secure commonly exploited threats. Threats can infiltrate networks in diverse ways. To mitigate this risk, deploy robust solutions; such as endpoint and email security services, as well as a next-generation firewall to secure web applications, remote users, and the network border. Most of these managed services can be delivered as a monthly subscription.
Educate end-users about social engineering threats. Sophisticated and often targeted Phishing attacks are becoming more common, and even savvy users inadvertently fall victim to them. Your MSP should continuously educate your employees on how to identify Phishing attempts and protect themselves from these threats. The next attack could come from a single mouse click by an unsuspecting end-user.
Keep systems up to date. All it takes is one unpatched vulnerability to leave your network wide open to the next attack. WannaCry emphasized the critical importance of keeping up with patches. Businesses naturally tend to be slower to implement patches in their network because of compatibility concerns, however, your MSP should implement a patch management schedule to reduce and eliminate system and network vulnerabilities.
Backup business-critical data. Implement a reliable Business Continuity and Disaster Recovery (BCDR) solution that enables you to quickly restore business-critical data. Your MSP should discuss Recovery Point Objectives (RPO) and how recent your information needs to be, as well as establish a Recovery Time Objective (RTO) and how quickly data needs to be available, in addition to testing the BCDR solution. A BCDR solution is the most reliable way to restore your business-critical data in the event of an advanced threat infiltrating your defences.
What are the next steps?
Everyone is at risk from ransomware attacks — no matter how big or small your business is. And while no one knows the nature of the next attack, when it comes to ransomware, following the above best practices could save your business down the road. Keeping business-critical data safe can be a challenge and you’re not alone. Your MSP can help protect your business from falling victim to the next attack by putting the right solutions and procedures in place to mitigate the risks and severity of any attack.