Ransomware prevention, or what do to if you’ve been attacked.

Ransomware is impacting more and more Calgary and Canadian businesses.

A ransomware attack is extremely stressful. The time it takes to recover from one can range between days or weeks – in bad situations we’ve even seen it take months. There is no business in the world that wants to be cut off from their working files, accounting systems, or entire network for any length of time.

So, how do you avoid Ransomware? The short version is simple:

  1. Implement strategies to actively prevent a ransomware attack from occurring (prevention).
  2. Have a plan for when it does occur (so you can bounce back fast).

Keep reading below to get some specific tips and advice that the team at Britec has put together:.

What is the top 5 most important things to prevent a data breach (above all others)

  1. Keep Security Software Up-To-Date  Keep security patches for your computers up-to-date. Use firewalls, anti-virus and anti-spyware software; update virus/spyware definitions daily. Check your software vendors’ websites for any updates concerning vulnerabilities and associated patches.
  2. Implement Multi-Factor Authentication  Many companies have been slow to adopt MFA. Nearly 40% of respondents in a survey of business leaders noted that their planned upgrades to secure identity and access management were delayed in the rush to facilitate remote work, leaving the door open for cybercriminals. That led to devastating consequences for businesses that failed to make the move. Over 40% of respondents in that study said that their organization had been compromised because of a bad, stolen or cracked password.  It’s clear that multifactor authentication is a critical tool for businesses of every size.
  3. Train Your Employees on Cybersecurity  Schedule and conduct cybersecurity awareness training for all employees, including emphasis on potential pandemic impacts. Also, conduct phishing tests to ensure training “sticks” with employees. To protect your company daily, cybersecurity must become part of your company’s DNA and adopt a security-minded culture.
  4. Back Up Your Systems  Make sure business continuity and disaster recovery plans are up to date and include specific procedures.  Business continuity planning (BCP) is the process a company undergoes to create a prevention and recovery system from potential threats such as natural disasters or cyber-attacks.  BCP is designed to protect personnel and assets and make sure they can function quickly when disaster strikes.
    Business Continuity Plans should be tested to ensure there are no weaknesses, which can be identified and corrected.
  5. Consider Outsourcing Your Security  Research shows that companies who outsource endpoint protection have lower malware infection rates. It’s important to work with a partner who has a macro and micro view of cybersecurity. As a private cloud hosting provider, Britec can see the landscape for 100s of companies.

You need a partner, like Britec, who is on top of the mountain looking down, most individual companies are in their own valleys.  We can help companies with their cybersecurity strategy and implementation. It’s important to know your core competency. If cybersecurity is not your core competency, get in a team where it is. Trust us, it can be very expensive if you do not.


What are the top 3 things to do FIRST if a data breach occurs?

1. Freeze everything and ensure auditing and logging is ongoing.
Make sure the malware affected devices have been taken off-line with no internet connection but do not shut them down or make any changes just yet.  By taking them off-line we can stop any other malicious software from spreading.   Then while doing research on the affected devices we can find clues and evidence that the hacker may have left behind.   Making sure the system auditing is intact and operational will help to determine the scope of the breach and create remediation methods.

2. Change passwords or lock credentials
Changing all passwords or locking-out your system credentials is a good idea this will help stop the breach from expanding if the hack is still continuing.  Data breaches often rely on compromised passwords and credentials.  If you have confirmed or suspect that a system may have been compromised make sure you make this change.

3. Determine the impact, how it happened and what needs to be done
Determine and establish the scope of the breach and damage.  Once you have done this you can create a plan of action with you and your team of security specialists.  Then establish whether you need to remotely wipe a stolen mobile device, update software, change network firewall rules, segregate subnets, run anti-malware scans, increase logging and alerting or some other technical steps. Taking these steps can help when a data breach occurs.

What do we do for our clients to prevent and prepare for ransomware?

  1. Britec follows all the conventional security protocols and to make sure that they are applied properly.  We keep ourselves up-to date with current/real-time information of security attacks and are constantly vigilant when it comes to protecting our clients systems. It is an ongoing job that doesn’t stop which we dedicate significant resources towards.
  2. What do we do if a ransomware attack is successful? The first objective is to secure the system from the breach and return all network and computer systems to normal operation. Next, we conduct analysis and audits to ensure a similar attack doesn’t happen again. Very frequently people are (unintentional) cause of a breach. So training takes a significant role in prevention.

Britec is here to help.

If you want to have a conversation, discover how vulnerable you might be, or if you need someone to help protect your systems and assets from Ransomware – please contact us. We’re a Calgary-based IT and Accounting Software company who has been serving Canadian and Calgary businesses since 1988 (you want 33 years of experience backing you up).