One of the more costly forms of malware that a company can face is ransomware. This malicious attack encrypts a company’s files, rendering them useless, and the attacker demands a ransom to provide a decryption key to return them.
Some of the attacks on Tennessee organizations that have appeared in the news in recent years include:
- The City of Spring Hill, TN that had their email accounts shut down, employee direct deposits offline, and stopped citizens from making online bill payments. The hackers demanded $250,000 to restore the city’s files.
- Murfreesboro Police & Fire Department was hit with the famous WannaCry ransomware, which took down 2 file servers and 19 computers and impacted their ability to send out routine news releases.
In fact, the threat of ransomware has become so severe to businesses and other organizations that the FBI recently put out a public announcement in October 2019 titled, “High-Impact Ransomware Attacks Threaten U.S. Businesses and Organizations.”
Ransomware is believed to be responsible for 42% of data loss incidents.
With both the costs of ransomware and the prevalence of attacks rising, it’s become one of the biggest threats that small, medium, and large businesses alike need to protect against.
Two of the most effective ways to strengthen your network security and combat ransomware are:
- To use of an endpoint protection application, like SentinelOne, to prevent a ransomware infection; and
- Ensure you have an easily recoverable backup of all your data
Using SentinelOne with ActiveEDR for Network Protection
In a survey of information security professionals, ransomware prevention was considered the most pressingglobal cybersecurity problem.
The average cost of a ransomware attack on a business is $133,000, and many small companies can take years to recover from an attack.
To understand why a program like SentinelOne is important to prevent ransomware from infecting your system, let’s take a look at one of its important components, ActiveEDR.
EDR stands for endpoint protection and recovery. What this mechanism does is keep a watchful eye on your network and all your endpoint devices and creates an alert as soon as it spots anything malicious trying to get in. It then has the ability to nullify the threat and keep it from impacting your data.
With ActiveEDR the program can act automatically to identify, report, and stop malicious threats like ransomware. This means that even if a user accidentally downloads a ransomware infected file, the SentinelOne system can detect and destroy before it has the chance to encrypt your files and lock you out.
Key features of SentinelOne EDR include:
- Autonomous monitoring to help predict malicious behavior
- Response that is automated so it can more rapidly eliminate threats
- Ability to seamlessly adapt to your endpoint devices and server to safeguard them
- Designed to be simple to use and uncomplicated
Ensure Your Backups are Done Right
Having an easily recoverable copy of all your data safeguards you in the case that your system is infected with ransomware. The attacker loses his leverages because you can restore your data.
Ransomware attackers are counting on their victims not having a backup of their data or not having an easily recoverable backup that can be quickly restored.
Some of the common backup mistakes that companies make include:
Not Using a Backup with a Fast Recovery System
When systems are down in a ransomware attack, organizations need to get back up and running quickly because they’re losing money every minute they’re down. This means that if the backup they’re using doesn’t have a fast way to recover their data and if that process is long and complex, they may have to pay the ransom anyhow just to get back up sooner, or suffer more losses due to a downtime of several days.
Not Monitoring Backups for Problems
Unmonitored backups are a common cause of data loss. Users will get a backup started on their system, then just assume all is fine unless there’s some big red warning sign.
But often backups can stop due to a software issue or file problem without providing any type of alert. They can also run out of space, leaving companies without the most recent copies of their files.
Only Keeping a Local Backup
If your file backup is on the same local server as your all your other files, a ransomware infection can make the backup unusable as well as everything else, so you’re left without a backup at all.
Backing Up the Right Way
Backing up the right way means adhering to the 3-2-1 backup rule (which includes keeping a copy of your data offsite) and regularly monitoring your backups. This is most easily done through a managed backup plan.
You also want to ensure you’re testing your backup recovery regularly to make sure it works smoothly and to help train your team, so in the event of a ransomware attack or any other data loss incident, they’ll know just what to do to get you back up and running quickly.
Get Ransomware Protection from Unbound Digital
Unbound Digital can help you on both fronts with your ransomware defenses. We can get you set up with SentinelOne EDR protection and assist you with a managed backup plan to prevent any type of data loss.
Learn more and sign up today by calling 423-335-2461 or contacting us online.