As ransomware attacks increase, the need for improved security and quick recovery becomes all the more pressing.
It seems to be in the news every other day; a corporation, organization, or business entity had their files hacked and held for ransom by cybercriminals and hackers, typically for millions of dollars. From phishing attacks to delayed patching vulnerabilities, an improperly coded consultant tool, and more, the cost of ransomware attacks is in the billions of dollars and increasing fast.
Another significant problem associated with ransomware attacks is the time, energy, and resources it takes to retrieve files and unencrypt data after the attack, which can take days, weeks, and even months. Many SMEs in New Jersey don’t have the resources to shut down their operation for even a few days, let alone weeks or months. For that reason, they ask what Microsoft is doing to fight this virtual scourge. The answer; not as much as they should.
What Are the Government Guidelines to Protect Against Ransomware?
The US government is fully aware that ransomware attacks are increasing and causing havoc for businesses large and small nationwide. They recently launched Stop Ransomware, an official US Government website with facts, information, and ransomware prevention methods to combat the problem. They also offer a free Ransomware Guide you can download here if you like. (It’s packed with actionable information and data.)
We wanted to share a bit of information from the Ransomware Guide that we believe is the most important for SMEs. Here it is, verbatim, from their text: “It is critical to maintain offline, encrypted backups of data and to test your backups regularly. Backup procedures should be conducted regularly. Backups must be maintained offline, as many ransomware variants attempt to find and delete any accessible backups.”
The guide then recommends the following: “Maintaining offline, current backups is most critical because there is no need to pay a ransom for data that is readily accessible to your organization.”
In short, backup all files, check that backups are functioning, and maintain backups regularly because, when you do, ransomware attacks won’t be a problem. Pretty straightforward, we think you’ll agree. Thus the question becomes; what is Microsoft doing to make sure businesses are equipped to follow these best practices? Let’s take a closer look.
What’s Microsoft Doing to Prevent Ransomware attacks and Hasten Recovery Afterward?
Of the two problems New Jersey SMEs face from ransomware attacks, most experts feel that Microsoft is failing on backups. More specifically, on persuading their business users to back up their files and doing it following best practices.
Yes, the issue is convoluted due to the vast ecosystem of vendor-supplied third-party options. However, the fact remains that Microsoft isn’t doing enough to encourage SMEs to follow best backup practices as outlined by the Feds.
One challenge is the vast difference in the needs of an SME as compared to a large enterprise. Larger organizations can rely on recovery software like Autopilot, for example. That way, if a ransomware attack occurs, they can quickly redeploy workstations and keep their business rolling.
Smaller businesses, however, may not have access to this technology due to financial or other constrictions. In their case, Microsoft offers controlled folder access. In the event of a ransomware attack, critical files are protected. However, there is one drawback, and it’s a big one; if your organization isn’t using Windows Defender as its leading antivirus software, controlled folder access is unavailable.
Microsoft also offers another option for recovery from a ransomware attack, namely OneDrive. However, without a premium account, you’ll be severely limited as to how much sync room you have for all your essential data and files.
For an SME, Every Desktop is a Critical System
One of the biggest problems with the way Microsoft approaches recovery is that it’s simply not a good fit for a small or medium enterprise. Backing up files with a gold image is crucial to surviving a ransomware attack intact for smaller businesses, yet they don’t offer a viable, intuitive way to do that.
The reason is that every desktop in a small organization is a critical system. If there’s a crack in that system’s armor, so to speak, you can bet that hackers and ransomware thieves will take advantage of it. That makes backing up files crucial, which is why Microsoft moving away from tools to do just that in Windows 11 is so disheartening.
How Can You Protect Your SME against Ransomware Attacks?
Knowing that Microsoft isn’t exactly on the ball when it comes to preventing ransomware attacks, it’s on you, the SME business owner, to understand how to avoid them best. Now, frankly, this demands some skill and expertise, which is why many business owners hire an IT service provider. Still, knowing the basics below will provide you with actionable knowledge and insight.
Set up a Firewall
Security experts consider a firewall to be the first line of defense against malware, ransomware, and hackers in general. Firewalls scan all data coming in and going out of your business’s network to ensure it doesn’t carry or send potential leaks.
Start Using Immutable Backups
Immutable backups are backups that, once made, can’t be changed or deleted by anyone. It’s one of the most robust defenses against ransomware.
Make Your Staff More Aware
Here’s a fact; the people most vulnerable to a ransomware attack are the people who work for you, your employees. There are many employee awareness methods that you can use to improve best practices and prevent attacks.
Run Security Tests Regularly
There are various tests that an SME can run on its network, including a vulnerability assessment. This type checks for system weaknesses and discovers problem areas ripe for hacker exploitation.
Segment Your Network
Segmenting your network is one of the top methods used to prevent intruders from moving freely through your systems and all the devices attached to it.
Rely on Whitelist Rather than Blacklist Applications
While whitelisting and blacklisting have both become the standard for controlling employee access to software, we recommend the former over the latter as it’s a more efficient way to prevent ransomware.
Prevention is the best way to Stop Ransomware Attacks
There’s no denying that Microsoft is aware of the scourge of ransomware and does offer some products that will better protect your SME from this growing problem. However, the best way to protect your business is to be proactive. Follow best practices as outlined by the US Government, back up your files frequently every day, and improve employee awareness.