{"id":651,"date":"2025-03-21T12:00:09","date_gmt":"2025-03-21T17:00:09","guid":{"rendered":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/?p=651"},"modified":"2025-04-28T05:15:03","modified_gmt":"2025-04-28T10:15:03","slug":"ransomware","status":"publish","type":"post","link":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/blog\/ransomware\/","title":{"rendered":"What to Do about Recent Ransomware Warnings"},"content":{"rendered":"

Earlier this week, USA Today<\/em> published a warning about the Medusa ransomware threat<\/a> and quoted the FBI and its cybersecurity agency, CISA, about ways to protect firewalls, etc. While they were logical recommendations for larger companies, they missed one key fact:<\/span><\/p>\n

Most ransomware starts with email \u2013 not your firewall.<\/strong><\/p>\n

More than 90% of ransomware threats start with email, a much simpler, more effective way for bad guys to access your system than trying brutish attacks against your firewall.<\/span><\/p>\n

Email is an effective delivery system — not because email<\/em> is inherently weak, but because humans<\/em> are. We click on emails we aren\u2019t expecting from people we don\u2019t know, opening our doors to strangers because they appeal to our impulses.<\/span><\/p>\n

(Marketers already know this, which is why you may own herb scissors or an electric s\u2019mores maker.)<\/span><\/p>\n

In my view, today\u2019s successful hackers and ransomware thieves are like talented marketers who have been drawn by greed to the dark side.<\/span><\/p>\n

Why Email Works for Ransomware<\/strong><\/p>\n

Most of us are moving at 90 MPH at work. We don\u2019t take the time to be careful with email. Both marketers and hackers are experts at catching our attention in a fast-paced day.<\/span><\/p>\n

For instance, if one of your interests is advancing your career, and an incoming email says \u201cHarvard study shows how to boost your career success,\u201d you might click. If you do, and the email is actually from Harvard, you\u2019re lucky, and their marketers win. But if the email comes from someone only pretending to have a Harvard connection, your click on the link in that email is all it takes for them to find a way into your system.<\/span><\/p>\n

So remember:<\/span><\/p>\n

Most ransomware infections start with a phishing email that tricks an employee into clicking a malicious link or opening an infected attachment.<\/strong><\/p>\n

And that\u2019s why beefing up your firewall won\u2019t protect you as much as you think it might.<\/span><\/p>\n

Here\u2019s my handy guide to protecting yourself from hackers and ransomware criminals.<\/strong><\/p>\n

    \n
  1. Educate Your Employees <\/strong><\/li>\n<\/ol>\n

    Phishing Awareness: <\/strong><\/span>Employees need ongoing training to recognize phishing tactics, like fake invoices, urgent requests from “the boss,” and too-good-to-be-true offers.<\/span><\/p>\n

    Test:<\/strong><\/span> Companies that run phishing tests (mock attacks) see dramatic reductions in employee click rates on malicious emails.<\/span><\/p>\n

    Report, Don\u2019t Click:<\/strong><\/span> Encourage employees to report<\/em> suspicious emails before acting. A simple internal reporting process can prevent disaster. (We encourage our clients to use email filtering protection, which allows them to report phishing with a click. Simple.)<\/span><\/p>\n

      \n
    1. Add Email Filters<\/strong><\/li>\n<\/ol>\n

      AI-Powered Email Filtering:<\/strong><\/span> Ensure your email has<\/span> phishing detection<\/strong><\/span> that scans for suspicious sender behavior, attachments, and links and filters them out before they reach your inbox. Bad guys are using AI to target you, so fight back with AI to level the playing field.<\/span><\/p>\n

      Enable Two-Factor Authentication (2FA):<\/strong><\/span> Even if an attacker steals a password through phishing, MFA can block them from logging in because they won\u2019t know the verification code that\u2019s texted to your phone.<\/span><\/p>\n

      Block Attachments and Links:<\/strong> <\/span>Restrict certain file types (e.g., .exe, .zip) and use link scanning<\/strong> to check URLs before users have an opportunity to click.<\/span><\/p>\n

      Not using advanced email filtering is the business equivalent of wearing flip-flops in a snowstorm.<\/strong><\/em><\/span><\/p><\/blockquote>\n

        \n
      1. How to Limit Damage<\/strong><\/li>\n<\/ol>\n

        Small businesses are increasingly targeted by ransomware villains because they believe small business owners won\u2019t take sufficient precautions. So, be the exception and put protective gear on your systems.<\/span><\/p>\n

        Think of it like a bulletproof vest. It will prevent most harm, but a determined thief will occasionally succeed. For small businesses, that\u2019s a problem, because those that have been attacked have a low survival rate \u2013 60% of them close within six months. And that can happen whether or not they pay the ransom, which is usually quite high.<\/span><\/p>\n

        But that doesn\u2019t mean you\u2019re helpless. Limit the damage from unwanted digital intruders and position yourself to recover quickly by preparing in advance:<\/span><\/p>\n

        Backup, Backup, Backup:<\/strong><\/span> Keep at least one offline backup that ransomware can\u2019t reach, and another automatically backed up to the cloud \u2013 a cloud service that\u2019s entirely separate from your Google Drive or OneDrive accounts, as those are tied to your system and are thus more likely to be compromised by a talented hacker. These backups mean you don\u2019t have to pay ransom for your data because you already have a copy. This is how you eliminate the risk of going out of business.<\/span><\/p>\n

        Restrict Access:<\/strong><\/span> The days when every employee can have access to everything are over. That\u2019s because ransomware spreads fastest when employees have unnecessary access to files and systems they don\u2019t need to perform their jobs. Why? When a pirate breaks into Sam\u2019s computer, they gain entry to everything Sam has permission to access. So, give Sam permission to access only the files he needs for his job, and nothing more.<\/span><\/p>\n

        Isolate Infected Devices:<\/strong><\/span> If an attack occurs,<\/span> immediately<\/strong><\/span> disconnect affected devices to prevent a spread across the network. If you\u2019re not sure what\u2019s infected, disconnect everything. That\u2019s right, just pull the plug out of the socket. It may shut you down for a day, but that\u2019s a smaller problem than being shut down for weeks or months (or forever).<\/span><\/p>\n

          \n
        1. Make a Ransomware Response Plan<\/strong><\/li>\n<\/ol>\n

          Plan for the Worst:<\/strong><\/span> Creating a basic list \u2013 who to call, how to isolate infected systems, when to contact law enforcement \u2013 can make a difference. Your IT person or support company should be at the top of that list \u2013 and don\u2019t be shy about reaching out to them, no matter what the hour. Most reputable external support companies have 24\/7 emergency answering, and your internal IT people would rather hear from you immediately than wait for morning after all possible damage is done.<\/span><\/p>\n

          Never Pay the Ransom:<\/strong><\/span> Paying doesn’t guarantee you\u2019ll get your data back. Instead, it marks you as a repeat target. Remember, most ransomware villains aren\u2019t in the US, so American law enforcement can\u2019t touch them, and you won\u2019t get your money back. First, they\u2019ll force you to pay in cryptocurrency, which is untraceable. Second, after they have your money, they have no incentive to give you anything back. There\u2019s no moral code attached to these bad actors, and they don\u2019t care about their reputations because they\u2019re anonymous. So, don\u2019t risk your future by turning over all your assets today.<\/span><\/p>\n

          Applying email filtering and security software before you\u2019re targeted is far less expensive than leaving your door open to criminals.<\/strong><\/em><\/span><\/p><\/blockquote>\n

          The Bottom Line<\/strong><\/p>\n

          Most small businesses don\u2019t have the funds to build an impenetrable digital fortress around their company, but they can afford to buy the figurative equivalent of locks for their doors, bars for their windows, and an alarm system for anyone who gets past those. A combination like that keeps most intruders out. That\u2019s what employee education, advanced email filtering, and backups do for your business in the digital world \u2013 together, they keep more than 90% of the danger at bay at an affordable cost.<\/span><\/p>\n

          Please use these simple steps to protect your business in these times of rising danger from ransomware and other forms of hacking.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

          Earlier this week, USA Today published a warning about the Medusa ransomware…<\/p>\n","protected":false},"author":1039,"featured_media":652,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[],"class_list":["post-651","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-services-for-the-greater-philadelphia-area"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/posts\/651","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/users\/1039"}],"replies":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/comments?post=651"}],"version-history":[{"count":0,"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/posts\/651\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/media\/652"}],"wp:attachment":[{"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/media?parent=651"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/categories?post=651"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cmitsolutions.com\/philadelphia-pa-1200\/wp-json\/wp\/v2\/tags?post=651"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}