5 dangerous Ransomware Myths

(With thanks to Carbonite) We’re going to look at 5 dangerous Ransomware Myths that need to be disspelled. Ransomware can wreak havoc with your data, budget and reputation. In a typical ransomware scenario, the victim receives a warning that critical data has been encrypted and the victim will need to pay a ransom to get the decryption keys. If the company decides to pay, there’s still no guarantee the keys will be provided. An unfortunate 15% report that even after paying their data is not decrypted. And even if they do manage to decrypt the data, they could well be hit again and again.

Those who refuse to pay the ransom may find themselves victim of a new, insidious threat: the attackers will steal a copy of the data, then threaten to sell it on the dark web. As a result, the company could be subject to steep fines if it fails to notify authorities in a timely manner, not to mention the damage to the company’s brand and reputation.

With thanks to Carbonite, we’re going to look at 5 dangerous Ransomware Myths, and why they’re dangerous.

Myth #1 – My company is too small for attackers to bother with

It’s hard to believe anybody still believes this; it ranks up there with the dated idea that Mac devices are more secure than Windows for some reason. But the fact is, almost anyone is a target for ransomware. In fact, SMBs represent an increasingly attractive target for attackers. And according to one global report, 86% of SMBs reported they had been victimized by ransomware. More than 20% of them were hit six or more times!

In a way it’s even more serious when a small organization is hit. That’s because large organizations often have whole security teams and big budgets for multiple layers of defense. But SMBs often rely on very small teams (or a single person0 for coordinating all IT-related activities.

The move toward remote working only increases the threats. More workers than ever are using Microsoft Remote Desktop to access their work desktop, and setting it up using default settings. This can allow criminals to do brute-force attacks, gaining access to corporate resources.

Myth #2 – There’s no way to prepare for a ransomware attack

There’s actually a lot an SMB can do to protect itself. The way ransomware gets in is often by tricking a user into downloading a file with macros that run automatically (the Emotet and Trickbot attacks scanned the environment and allowed criminals to determine if valuable data is present), then download a ransomware payload.

Carbonite Webroot provides several ways to stop this from happening. Webroot® Evasion Shield, part of Webroot® Business Endpoint Protection, automatically stops malicious macros from running. Webroot Business Endpoint Protection prevents the user from downloading malicious payload from known bad URLs and IP addresses. It can analyze files before they are executed to determine if they show malicious intent or behavior. Good endpoint security is a must for SMBs, especially since attackers are constantly finding new ways to attack.

Protect your data – Losing access to your data can cause serious damage. Backups are vital. However, performing lengthy full-server backups take time, resources and network bandwidth. And relying on end users to do their own data backups is not a great solution. There are better ways to protect data.

Carbonite Endpoint automatically protects endpoints and their data, while Carbonite Server backs up data from physical and virtual servers. For data on older servers that are running operating systems no longer supported, SMBs can move the data to a more protected environment via Carbonite Migrate. Then, it can be backed up automatically using Carbonite Server. These solutions are compliant, efficient and safe – SOC 2 certified, in fact.

Myth #3 – If I have a backup plan in place, I am safe

Preventing attacks and backing up data are both extremely important. But if the worst happens, critical systems and data need to be recovered, and there will be some downtime. This can be costly and damaging. You’ll want to recover critical systems and data very quickly, and that means restoring data from safe backups that haven’t been infected with the ransomware.

Investing in redundant servers in secondary locations can be cost-prohibitive for SMBs, so many of them look to Disaster Recovery as a Service. Carbonite provides DRaaS for modern cloud and virtual systems – with the added benefit of also covering legacy systems like IBM iSeries and AIX.

All data is encrypted, and SLAs are provided for rapid recovery. By continually syncing the recovery systems with primary servers, critical business systems are online and accessible no matter what happens on your network. If an outage happens and a failure threshold is exceeded, the system will immediately fail over to the cloud-based replica.

Carbonite Professional Services can help with, or completely take care of, disaster recovery planning, testing and documentation. They will work with the SMB to perform DR tests prior to activation, to ensure accuracy and efficiency if an outage such as that due to ransomware does occur.

Myth #4 – Technology alone will save me

Does this one even SOUND true? The solution to ransomware cannot rest entirely on technology. People are the first line of defense. They can fall prey to a phishing attack, inadvertently click on a dangerous link or download malware that invades the entire network. As a matter of fact, an astonishing 93% of security breaches start with a phishing attack. End-user training is critical to “getting the bullseye off your back.”

Security awareness training that includes phishing simulations and training in data protection are becoming standard practice. It’s a proven way to reduce risk, decrease infections, reduce the chances of a security breach and strengthen the overall security posture. Regular security awareness training builds up users’ “muscle memory” so they stay attuned to malicious attempts and can strengthen the corporate security shield.

Myth # 5 – It will be hard to get all this to work together seamlessly

There will always be some gaps in security. But SMBs can strive for cyber resilience; the ability to withstand attacks and land on your feet no matter what happens. Resilience protects the business, customers and employees from whatever digital challenges they may face – not just ransomware.

Carbonite can give you a resilient approach to prevention, detection and recovery. The comprehensive stack of cyber resilience solutions helps keep companies secure and their data protected, and these solutions cover the entire range of prevention and recovery options. To find out more, or to go ahead and save on Carbonite, just email us or call Corporate Armor at 877-449-0458!