We were recently approached by the Philly Inquirer to discuss how small businesses can protect themselves from hacking. In our experience, ransomware attacks are one of the largest security threats. They leverage known vulnerabilities in traditional remote access methods such as remote desktops and VPNs.
Modern attacks typically use tools already present in the environment, so legacy antivirus software cannot detect the criminal activity. Small businesses and nonprofit organizations can significantly reduce the risk of a successful attack by taking a few simple steps:
1. Use Multifactor Authentication (MFA)
App-based MFA is more secure than text message-based MFA because if a criminal can convince your mobile phone carrier that they’re you, they can intercept your text messages. That said, any MFA is better than no MFA.
2. Replace Legacy Antivirus with Managed Endpoint Detection and Response (EDR)
EDR uses AI to find unusual patterns and halt suspicious activity, in addition to using traditional virus definitions. For example, Microsoft Excel is not a virus, but if Excel tries to modify 50 documents over the course of a few seconds, something isn’t right and Excel should be stopped. Legacy antivirus software can’t do that, so it won’t protect a small business from a ransomware attack.
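The Excel example above can be sketched as a sliding-window rate check. This is an added illustration, not code from any EDR product: the event format, the 5-second window, and the sample data are assumptions, and only the 50-document threshold comes from the text.

```python
from collections import defaultdict, deque

WINDOW_MS = 5000   # assumed meaning of "a few seconds"
MAX_FILES = 50     # threshold taken from the Excel example in the text

def find_bursts(events, window_ms=WINDOW_MS, max_files=MAX_FILES):
    """Return {process: timestamp_ms} for each process that modified at least
    max_files distinct files within any window_ms span (first hit only).
    events is an iterable of (timestamp_ms, process_name, file_path)."""
    recent = defaultdict(deque)   # process -> recent (timestamp, path) pairs
    flagged = {}
    for ts, process, path in sorted(events):
        if process in flagged:
            continue              # already reported; a real agent would suspend it
        window = recent[process]
        window.append((ts, path))
        # Drop modifications that have aged out of the window.
        while ts - window[0][0] > window_ms:
            window.popleft()
        # Count distinct files so repeated saves of one document do not alarm.
        if len({p for _, p in window}) >= max_files:
            flagged[process] = ts
    return flagged

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = (
    # Ransomware-like: 60 different documents rewritten 50 ms apart.
    [(100_000 + i * 50, "excel.exe", f"C:/Shared/doc_{i}.xlsx") for i in range(60)]
    # Benign: the same document autosaved 200 times.
    + [(100_000 + i * 50, "winword.exe", "C:/Users/a/report.docx") for i in range(200)]
    # Benign: a backup agent touching one file per second.
    + [(100_000 + i * 1000, "backup.exe", f"C:/Data/file_{i}.dat") for i in range(60)]
)

if __name__ == "__main__":
    for proc, ts in find_bursts(SAMPLE_EVENTS).items():
        print(f"ALERT: {proc} modified {MAX_FILES}+ files within {WINDOW_MS} ms (t={ts})")
```

Signature-based antivirus has nothing to match here because the process doing the writing is a legitimate program; only its behavior over time gives it away.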
3. Follow the Principle of Least Privilege
If someone doesn’t need access to a folder, they shouldn’t be able to access it. If they can’t access it, neither can malicious software running on their computer. Guests entering your office requesting wireless access should only be granted access to a restricted guest network that cannot see your internal computers.
4. Train Staff to Recognize Phishing Attacks
Train all staff with computer access on how to recognize phishing attacks. Encourage employees to stop and verify whenever they receive an email or text message asking them to do something unusual.
5. Synchronize Human Resources and IT Support
When an employee leaves your company, how quickly is all their access revoked? This is more than just their account; it's also their remote access and any shared passwords they may know.
Employees who quit years ago often still have some access that hasn't been properly closed off. Even if that person can be trusted, a criminal may discover the opening and exploit it without detection if no one is watching for it.
6. Maintain Offline or Air-Gapped Backups
An offline or air-gapped backup is critical to ensuring quick recovery from a ransomware attack. If defenses fail and criminals can access your data, there should be some mechanism to prevent criminals from accessing your backup data.
In many cases, after criminals penetrate a network, they infect connected USB drives and synchronized folders at the same time they infect primary data locations, making offline backups the easiest way to restore data.
7. Consult a Qualified IT Professional
There are many additional layers of defenses available. Talk to a qualified IT professional for help weighing the costs and benefits of added protections from modern cybercriminals.
SMBs don’t necessarily need the strongest defenses, but they shouldn’t be the weakest target. Criminals are growing more sophisticated by the day, so organizations continue to increase their defensive posture. Don’t be the lowest-hanging fruit.
At Pegasus Technologies, we understand the importance of staying one step ahead of cybercriminals and having a secure defense system in place. For help protecting your business against these modern threats, contact us today. We can work together to create a cybersecurity plan tailored specifically for your organization that will keep it safe from potential attackers.