Running an IT business is no different to any running any other type of business. We have the same challenges and often the same goals…
One thing we certainly have in common is the threat of cyber-crime. Statistics show that this is the fastest growing crime on the planet. You may have seen the recent news articles around Garmin – “Garmin cyber-attack” – there are several public examples, but this is very recent. So, what can you do about it?
Let me rewind a few years back, to the days when anti-virus programs first came onto the scene. Email was in its early years, therefore not used very often, and computer viruses were transmitted by floppy disks. The threat was still as real as it is today, but at least you stood a chance of catching it. The physical action of putting a floppy disk into a computer, prompted to scan for viruses. Today however, we face a very different threat; like all markets, this one has evolved. Cyber criminals can now take control of your files, photographs, and any other data that’s important to you. They encrypt it, then deny you access until you’ve paid a ransom of their choosing.
Back in the day if you had a virus, your computer might run slower than it did the day before. Today, you’ll know quite clearly if you’ve got ransomware. You will be locked out of your computer and there will be a message on your screens telling you to pay a “fine” or the crime gets worse.
An example of what you might have to pay is £10,000 (in bitcoin, the online currency). If you fail to pay in three days, the figure doubles. Fail to pay within a week and your data is gone. Deleted.
So, how does this happen? How does ransomware get on your device in the first place?
“More than half of infections occur when someone clicks on a dodgy link in an email”
That’s not surprising, given that one in every 3,722 emails in the UK is a phishing scam. And 55% of UK email being spam in general.
What can we do about this very real threat to our businesses? A very modern problem requires a very modern, multifaceted approach.
First, we need to ensure the backups are good.
Putting in place a great backup solution means that should the worst happen; we can restore the backups to have you back up and running in no time at all. Of course, how fast depends on the backup solution in place; there are all kinds of options for every budget. Our preferred solution would be a Datto Business Continuity Device, which takes snapshots of your physical and virtual server infrastructure at pre-specified intervals throughout the day. These snapshots are verified locally, then copied to Datto’s cloud. Complete recovery from a disaster can typically be completed in under 1 hour.
Secondly, we need to re-think the antivirus solution.
Traditionally, antivirus programs have been signature based. This means that your antivirus program is only, as up to date, as the last back up. This is usually every few days, but this is no longer good enough. Modern antivirus programs use next generation Artificial Intelligence (AI), to detect anomalies in your computer. They not only have the benefit of updated signatures every few days, but they also work on the basis they understand how a virus behaves and can spot this activity before it becomes a threat.
For this level of protection, our preferred solution is SonicWall Capture Client. Capture Client uses advanced threat protection techniques, such as machine learning, network sandbox integration, and system rollback to provide the highest level of protection for endpoints and server workloads.
But what happens if, despite taking all the precautions, you are still caught out by ransomware? What do you do?
First and foremost, don’t panic and don’t pay the ransom! Do not hesitate to pick up the phone to speak to our consultants. If you’ve followed our advice and invested in the protection required, getting you back up and running will be fairly straight forward.
If you don’t already have the above precautions in place, give us a call. The solutions we provide can help you stay protected from ransomware and other forms of malware that pose a very real threat that could do serious damage to your business.