Are you an SME company losing sleep over ransomware attacks and intrusions into your computer network?

You should have a basic strategy to pre-empt the attacks.  If you can’t stop the attacks, you should at least minimise the risks and losses.

“Over the last year, ransomware has become a big threat to small and medium enterprises. Attacks are getting more sophisticated and frequent,” said Manish Alshi, Head (Channels & Emerging Technology, Check Point Software Technologies, India and SAARC).

According to him, 61 per cent of all cyber attacks reported in 2022 were targeted at small businesses.

The fact that micro, small and medium enterprises contribute about 27 per cent to Gross Domestic Product (GDP) reflects the size and importance of these small businesses.

Related Stories
Stolen data of 6 lakh Indians sold on bot markets so far: Study
The stolen data included user logins, cookies, digital fingerprints, screenshots and other information

“They have huge repositories of confidential information, ranging from medical records to bank accounts. Hackers eye this information as they can cash it out,” he said.

The initial cost of a ransomware attack can be crippling, as they have to spend a lot of money to retrieve the information.

Hackers gain access to high-value data and encrypt it so that it cannot be accessed without an unlock code, which is offered in exchange for cash.

Related Stories
Rise of Metaverse to pose cybersecurity challenges in 2023: CyberArk
Attacks on critical infra and use of ransomware-as-a-service expected to increase

There are, however, certain measures that can be taken by the companies to thwart the attacks and minimise the losses.

Patch regularly

“It may sound simple, but keeping on top of the latest software and security patches could prove invaluable when it comes to protecting your organisation against potential cyber threats,” he points out.

Applying updates for tablets, smartphones, laptops and PCs as soon as they are available is one of the most important steps businesses can take to improve security. “You must ensure your operating systems, software programmes, phones and apps are set to ‘automatically update’ in order to avoid gaps in your security posture,” he suggests.

Keep tabs on pen drives

He wants enterprises to have control on the use of USB sticks and external hard drives to check against accidental or deliberate attempts to sneak viruses into the network.

“We use a pen drive or an external hard disk to share files among colleagues. But you must remember that it takes just one unsecure device to infect the entire network,” he cautions.

Back-up elsewhere

He warns businesses against backing up data to the main server.

Several companies do back up their data, but very often the data is backed up to the main server itself. It serves no purpose as the network is not available during an attack.

“Instead, organisations should identify essential data that their business cannot function without, and have a completely isolated, off-site network back-up,” he advises.

“When you recover from a ransomware attack, employees can access key files that allow them to continue with day-to-day operations,” he says.