2021 was a banner year for ransomware. This didn’t come as a surprise; 2020 and 2019 were as well. Attacks against critical infrastructure, government and healthcare organizations and small businesses alike drove home an important lesson: No target is too big or too small for ransomware gangs.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a few tips and best practices to make sure small businesses are in a state of cyber-readiness as we all look ahead to a new year.
Among CISA’s recommendations:
Be prepared for a ransomware attack: Companies should regularly create and maintain backups of all necessary data and have backup hardware in case of an unexpected outage. Unexpected downtime can be a major expense, especially for smaller companies and VFX studios; ransomware operators are keenly aware of this and will actively exploit it.
Have a response plan: Companies and organizations typically have emergency response plans for fires and other natural disasters and should plan accordingly for similar threats of a digital nature. Draft a plan that can easily be referred to in the event of an unforeseen threat.
Keep systems up to date: In addition to regular air-gapped backups, keep an ongoing and up-to-date inventory of every device that makes up your attack surface. Make sure the most recent stable software patches have been applied, conduct regular vulnerability scans, and keep a running tally of any device with access to potentially sensitive or business-critical data. An unaccounted-for or unpatched computer on your network can be the opening that a ransomware actor needs to launch an attack.
Train your employees: Although Hollywood often portrays large-scale hacking attacks as precise, well-coordinated, high-tech espionage, most ransomware incidents simply start with a phishing email. Train your employees to recognize a suspicious email, and put a security infrastructure in place to block potentially dangerous emails before they reach an unsuspecting employee’s inbox.
Consider the supply chain: Many cyberattacks and ransomware attacks start by compromising one target to gain access to others; this was the case for SolarWinds and the Target hack. Vet any vendors in your agency’s supply chain to make sure they’re following best practices and are working to minimize their risk and yours.
Having a good cyber defense can take a lot of work, but in the long run the time, resources and energy required to maintain it will still pale in comparison to the potential damage caused by a successful cyber attack. While no one policy or defense is 100% safe or impossible to compromise, paying greater attention to how a threat actor may be able to compromise your workplace can be the difference between a minor nuisance and an extinction-level event.
Wondering how to stay cybersecure in the New Year? Contact Nodal today!