Contributed By


Community Editorial Team

at Comcast Business


Eight Steps to Protect Your Small Business from Ransomware

December 01, 2017

Avoid becoming another ransomware statistic.

Ransomware infections against businesses occur at an alarming rate – every 40 seconds a company suffers an attack. A pop-up appears on a computer screen saying all data has been locked and access can be restored only if the user pays ransom.

This has become a common, dreaded scenario. The average ransom demand currently is $1,000, though organizations have paid tens of thousands in some cases. No one, from individuals to small businesses to multinational enterprises, is immune from attack. You must take precautions against ransomware for your business. Nearly half of ransomware attacks infect 20 computers or more, so an attack on a small company could shut down operations for days.

Ransomware is the No. 1 cybersecurity concern for a reason – it’s effective. Hackers know many companies fail to plug their security holes, leaving them an open invitation to attack. And because up to 40 percent of small businesses do not back up data regularly, attackers know many will pay ransom demands rather than lose critical data.

Defense Plan

To avoid becoming another ransomware statistic, you need a solid cybersecurity strategy that includes deploying advanced protection tools, enforcing well-defined security policies and implementing user awareness programs. Here are eight tips to protect against ransomware:

1. Endpoint Security

Endpoint security is a more comprehensive version of the traditional antivirus tools that protect computers from malware. The more sophisticated endpoint protection platforms scan and block malware, and use machine learning to identify zero-day threats and other previously unseen malware, including many ransomware variants. Endpoint protection is an essential security component.

2. Anti-phishing Tools

Although hackers use other methods to deliver ransomware, phishing remains a favorite because it preys on user trust, curiosity and fear. Anti-phishing tools, such as email and spam filters, sift out malicious URLs and attachments to prevent users from unwittingly downloading malware.

3. Firewall Protection

Firewalls block unauthorized content by using controls such as denying access to IP addresses known to deliver ransomware. Even if a ransomware payload is delivered, a firewall still can prevent it from communicating with the command and control server from which it would receive instructions to lock out data. This could stave off infection until the ransomware is detected and removed.
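As an added illustration (not part of the original article), the sketch below triages firewall log lines against a blocklist: repeated denied connections to a listed address point to the internal machine that needs cleaning, and an allowed one exposes a gap in the rules. The log layout, the blocklist entries and all addresses are constructed for this example, using documentation-only IP ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed blocklist (documentation-only ranges); a real deployment
# would load its threat-intelligence feed here instead.
BLOCKLIST = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.7/32")]

# Constructed log lines, assumed layout: timestamp action proto src dst dport
SAMPLE_LOG = """\
2017-12-01T09:14:02 ALLOW TCP 10.0.0.21 192.0.2.10 443
2017-12-01T09:14:05 DENY TCP 10.0.0.34 198.51.100.23 443
2017-12-01T09:14:09 DENY TCP 10.0.0.34 198.51.100.23 443
2017-12-01T09:15:40 ALLOW TCP 10.0.0.34 203.0.113.7 8080
2017-12-01T09:16:11 DENY UDP 10.0.0.50 192.0.2.99 53
malformed line
"""

def is_blocklisted(addr):
    """True if addr falls inside any blocklisted network."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in BLOCKLIST)

def triage(log_text):
    """Return {internal_host: {"blocked": n, "leaked": n}} for blocklisted destinations."""
    hosts = defaultdict(lambda: {"blocked": 0, "leaked": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip lines that do not match the assumed layout
        _ts, action, _proto, src, dst, _port = parts
        try:
            hit = is_blocklisted(dst)
        except ValueError:
            continue  # destination is not a valid IP address
        if not hit:
            continue
        # A DENY means the firewall contained it; anything else got through.
        hosts[src]["blocked" if action == "DENY" else "leaked"] += 1
    return dict(hosts)

def report(log_text):
    """One line per internal host that tried to reach a blocklisted address."""
    lines = []
    for host, c in sorted(triage(log_text).items()):
        status = "RULE GAP: traffic allowed" if c["leaked"] else "contained"
        lines.append(f"{host}: {c['blocked']} blocked, {c['leaked']} allowed -> {status}")
    return lines

if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG)))
```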

4. Patch Management

The fast-spreading WannaCry and Petya ransomware attacks in 2017 exploited Microsoft’s Windows Server Message Block (SMB) protocol. Fixing those vulnerabilities would have prevented infection, which is why patch management is critical to fighting ransomware. Businesses need strict patching policies to make sure users don’t ignore software update prompts. Even better, businesses should deploy automated patch management so no human action is needed.

5. Access Controls

Limiting access to sensitive data to the smallest number of users possible helps prevent attacks. Employees should get access only to data they need to do their jobs, so access controls for files, directories and network share permissions should be configured with that in mind. This helps limit the possibility of a leak and makes it easier to identify its origins if one happens.

6. Macro Scripts

A common method of delivering ransomware is to hide it in macro programs that get into systems when users open or download a compromised file. Macros automate repetitive tasks with toolbar buttons and keyboard shortcuts in applications such as Microsoft Word and Excel. Disabling macros in the Office Preferences dialogue box can prevent these types of infections.

7. Backup and Recovery

Regular data backups are key to fighting ransomware. An automated data backup and recovery solution is best so you don’t have to rely on users to do it. If struck by ransomware, your business can simply restore its data to resume operations after the malware is removed.

8. User Awareness Training

No security plan is complete without user education. Most security incidents start with human action, whether malicious or unintentional. Users need to learn about cyber dangers and how to avoid them. Some of the areas that training should address: Do not open suspicious emails; avoid accessing private information through public WiFi networks; use strong passwords and don’t share them or corporate-issued devices with others. Training should be ongoing to cover new threats and remind users of safe computing practices. When it comes to security awareness, repetition is safety.

Don’t Be a Victim

Ransomware isn’t likely to go away any time soon. Hackers will continue to use it as long as they can make money at it. By taking these eight steps, your company will have a much better chance to avoid becoming the next victim of ransomware.
