Industry Insights | OMNIA Partners

How to Protect Your Organization Against Ransomware | OMNIA Partners

Written by Ricoh | Aug 2, 2021 4:00:00 PM

Ransomware attacks continue to grow in number and sophistication. If you are responsible for IT and security management in your organization, knowing how to protect your organization against ransomware is a must. Members of OMNIA Partners can utilize Ricoh's various managed security services to help protect their organization against ransomware and prevent future attacks.

In May 2019 a ransomware infection hit the city of Baltimore’s computer system. The attack affected hospitals, vaccine production, airports, and ATMs. The total cost? Estimated around $18 million.

Governments and large corporations may get the most attention, however, they aren’t the ones that suffer the most. Consider these statistics:

  • It’s estimated that ransomware costs small businesses $75 billion a year1
  • The cost of downtime and data loss puts small and mid-size businesses at the biggest risk2
  • The average Q4 2019 ransomware payment was $41,1983
  • The average Q4 2019 downtime cost was $64,6453
  • Average downtime has increased to 16.2 days3
  • Bitcoin remains the preferred payment in 98% of attacks3

What is Ransomware?

Ransomware is a malicious program. It can infect a single computer or a network of computers, encrypting the data, making it inaccessible. Upon infection, the cybercriminals communicate their demands, often a ransom that must be paid, in order to decrypt the data.

According to one survey, 98% of attackers provided an encryption tool upon payment.3

Considering the costs, you want to avoid this situation entirely, which you can do with solid network and endpoint protection, employee training, and a well-defined disaster recovery plan.

How Does Ransomware Work?

A ransomware program activates and infects a computer when a user:

  • Clicks on a website link or a link in an email
  • Opens an attachment in an email
 
Once activated, the malicious program runs an encryption program shutting down access to the computer. At this point, the device becomes useless. If you have a back-up in place, you can shut down the infected PC and quickly redeploy a new one. If you don’t, you are stuck deciding if you will pay the ransom or just lose the data.

RELATED CONTENT:

➡️ The Case for Technology Spend in a Pandemic Economy

Why Do Ransomware Attacks Continue to Increase?

Quite simply, they work. 

Ransomware cybercriminals make a lot of money on these attacks. Most ransomware scripts are not amateur efforts. These are done by highly advanced international crime rings that are well-financed and run like a business.

Ransomware programmers, also called authors, have a huge incentive to invest in developing new and more advanced encryption algorithms. They also continue to evolve the delivery of these programs to ensnare companies and force them to pay the ransom.

Fortunately, you can protect your organization with a proactive approach to network and endpoint security.

Estimates show ransomware costs small businesses $75 billion a year.

To learn more about OMNIA Partners IT solutions, click here.  

How to Protect Your Organization Against Ransomware

Deploy essential security measures.

  • Block infection from reaching your network by securing your mail and web gateways. Deploy packet inspectors to scan and block fraudulent emails and prevent users from accessing known malware-generating websites.
  • Patch all applications, and patch them often. The Wanaycry and Petya ransomware that decimated networks around the world, causing billions in damages, relied on an exploit that Microsoft issued a patch for 3 months earlier. People who patched their systems regularly were not affected.
  • Recognize antivirus software is your last defense, not your first. You should still have a strong and up-to-date AV software, but understand that if keeping your virus definition files up to date is essential, but the last hope to stop the latest threats.

Educate your users.

Your users must know how to spot ransomware. For example, they should never open a file from anyone until they confirm the email address. Just because the name of the sender says it is your bank doesn’t mean it is; the actual email address might read xty34ii@psdhnle.com. This is a vital step in preventing targeted attacks. It only takes one accident to compromise an entire network. Regular training helps reduce the chances of accidents.
 
Be prepared for an attack.
  • Maintain a good set of backups.
  • Keep backups disconnected, or offline, from the main network. 
  • Pay and pray? If you have been infected, and you do not have a good set of backups should you pay the ransom? If you do, you embolden the attackers. If access to the data becomes a matter of life and death, like with hospitals that have been infected, you may have to pay and hope that you are dealing with an ethical digital gangster who will really return your data. 
| Protecting Yourself from Ransomware
Increased remote workers introduce new opportunities for cybercriminals to wreak havoc on organizations of all sizes. Implementing the three strategies outlined in this article offers the best approach to protect your organization against a ransomware attack. 

About Ricoh and OMNIA Partners

Ricoh is a leading technology solutions supplier that works to re-imagine workplaces to help you collaborate and exchange ideas — wherever and whenever you are — so you can drive the results you want. Members of OMNIA Partners can utilize the Ricoh program to manage their technology spend and take advantage of world-class solutions. Discover OMNIA Partners entire contract portfolio or request more information about Ricoh today. 

1 https://www.datto.com/news/american-small-businesses-lose-an-estimated-75-billion-a-year-to-ransomware
2 https://www.beazley.com/news/2019/beazley_breach_briefing_2019.html
3 https://www.coveware.com/blog/2020/1/22/ransomware-costs-double-in-q4-as-ryuk-sodinokibi-proliferate