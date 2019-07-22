Imagine waking up one morning, ready to grow your business, and watching it all crumble in front of you as you try to log in for the day.
A well-loved El Paso business recently had the rug pulled out from under them by a ransomware attack. Over the course of a night, their servers were wiped clean, leaving them at a complete standstill and nearly ending the company.
They felt like they were doing everything necessary to avoid cyberattacks. They had:
• Antivirus software
• Password protection
• Occasional operating
system and software updates
So how did this happen — and what can you learn from their devastating experience?
Don’t make any assumptions about your antivirus
The business we’re discussing used a decent antivirus solution, but they let updates lapse until their network was like Swiss cheese — full of entry points for a savvy extortionist. The problem with antivirus software is that, as vital as it is, it can’t protect you if it’s out of date. Cybercriminals create new viruses and exploit weaknesses like it’s their job (because it is). Every time your antivirus software expires or asks you to install an update, take it as a signal that there’s a dangerous vulnerability in the product you’re using, and make it a priority to update.
Take passwords more seriously than ever
Fun fact: When researchers (and hackers) use the passwords leaked in breaches, they’re able to re-use them to crack up to 30% of unbreached passwords — in seconds. Like many of us, the El Paso ransomware victim used weak passwords that didn’t stand a chance against a targeted attack. A good, encrypted password manager service can generate and store incredibly complex passwords for each of your accounts, and you’ll only need to remember one master code.
Update like your business depends on it
As with antivirus, the operating systems and software on every single business device must be addressed as soon as you’re prompted to install an update. If you have remote employees, make sure to select programs that will auto-install updates as needed. Though updates are annoying and slow you down in the short run, consider the fact that they’re saving you from extended downtime after an attack.
I’m pleased to report that the business hit with ransomware made a strong recovery and now has tools to protect themselves from a future attack. May their experience help motivate you to make smart changes and upgrade your own security.
Patrick Holland is president and CEO of Varay, an El Paso-based technology firm.