Cyberthreats in SMEs: Why every Company Needs a Parachute
1 – Major threats
On 12th May 2017, Wannacry Ransomware was unleashed and it hit hard. Over 200,000 computers in over 150 countries were infected and companies completely paralyzed by an unprecedented attack (which could have been a lot worse if an English researcher hadn’t shut it down so quickly).
Wannacry was a declaration of war on business. According to the French Group of Security Experts, Cesin*, we are witnessing a marked increase in cyberattacks in France. In 2016, 80% of companies were impacted, increasing to 92 % in 2017! More than 9 companies out of 10 were victims of a cyberattack last year blocking services and production with devastating effects on turnover.
Ransomware effectively takes a company’s data hostage; but it can do much more: theft of Intellectual Property is also at the heart of their concerns. In 2017, 25% of the $600 billion garnered by hackers, was stolen from companies.
In this context, the strategy which consists of sticking one’s head in the sand can be disastrous. The question is no longer if we are going to be attacked but when and what is the organization’s level of vulnerability in the event of infection.
Ransomware circulates via the internet. Any connected device is liable to be infected (PC, Mac, Virtual Machines, Tablets, Smartphones).
If the device is connected to a local network, the crypto-virus can move fast and infect all workstations on the network, including file servers where no admin rights are required to perform the operations launched by the ransomware.
Any contaminated device immediately becomes unexploitable, the hosted data on the disk becomes completely unreadable.
Increased risk of data loss
The ransom payment does not guarantee the decryption of your data.
If the company is without a professional backup solution, encrypted files can be transferred to storage (on a NAS, for example) during the most recent backup.
In this case, recovery is usually impossible.
2 – Prepare your defenses
Education is the first pillar of any security policy.
To prepare your defense:
• Raise awareness among employees and provide them with regular training.
• Identify the threats to cyber security, are they internal or external?
• Identify vulnerabilities by making an inventory of all systems that have a direct or indirect communication link to telecoms networks.
• Assess the level of exposure to risk: Evaluate the probability of the identified vulnerabilities being exploited from outside or being used inappropriately. Determine what the impact on security (IT) and safety (OT) would be.
• Put prevention and protection tools in place to reduce the probability of an attack occurring. Limit the impact of an attack when it does occur.
• Define the emergency plans to be implemented: Define the countermeasures applicable to each stage of a problem: avoidance, limitation of impact, and re-establishment of security and safety.
• Execute the procedures designed to overcome the attack to keep operating systems, software and applications up to date.
3 – The last resort
When preventive measures prove to be inefficient and ransomware has infected company computers, the last resort is a professional backup solution which integrates a Disaster Recovery element in the case of a serious incident, including massive data loss.
Professional protection solutions always keep your files in an encrypted format and cannot be re-encrypted again. Only a professional solution can guarantee recovery of the latest integral versions of your data.
Disaster Recovery Plan
This should allow operations to be completely resumed after a major disaster during which servers and computers are partially or completely destroyed. The aim of having a DRP should not be limited to restoring data or documents, machines, and operating systems. It should also include the recovery of useful applications for reading or opening documents.
Business Continuity Plan
These solutions must ensure full and continuous availability of all the necessary IT components which are essential for a business. It involves physically or virtually splitting all components of a computer system.
Shadow IT is a real problem despite the pleas of IT department managers. Currently 50% of data sits on employees’ terminals. With the emergence of broadband and mobility, this percentage will only increase.
For professional backup solutions, and given the increasingly complex architecture of professional computer systems, we should forget the idea of simple backup media such as flash drives, CDs or external hard drives.
Proper recovery requires the use of professional backup software allowing bandwidth-stored data to be saved and used, or preferably stored on hard drives to minimize the risk of damage to the media.
To prevent data from being exploited by malicious third parties, the software should encrypt the data using an encryption algorithm. For greater security, AES 128 or 256 should be favoured as standard.
The volume of business data will, at the very least, double every two years. To optimize space available on storage media, data compression is essential.
What is a Volume Backup?
A hard drive can contain several volumes, and a volume is all a computer needs to restart.
Saving a volume, unlike saving a file, preserves overall integrity: the operating system, software, applications, databases and files. This can be quite data-heavy and is preferable to choosing incremental backups with the ability to select the required data version. Restoring a volume or an entire disk (which can contain several volumes) can cause issues of incompatibility (hardware, operating system, tech support). Wooxo worked on this issue and created the OneKey Restore: a USB flash drive launches the complete recovery of your systems in less than a minute.
All of our solutions respect the highest security levels and include:
- Incremental versioning
- File encryption (AES 256-bit key)
- File compression
- Bare Metal Restore – An externalization option, offering Backup Continuity (if the main device is down)
Our goal is to provide every company with a simple way to protect its activity.
Cybersecurity is THE priority of SMEs. Wooxo supports you every step of the way.
For more information: