ROANOKE, Va. (WDBJ) – Earlier this week, a Virginia legislative branch agency was hit with a ransomware attack.
These are becoming more common, hitting everything from the government to the Colonial Pipeline.
WDBJ7 spoke with local experts on ways you can protect yourself and your workplace as cybercriminals are getting smarter and richer.
“In 2020 there was almost a trillion dollars in losses. That’s up from 500 billion in 2018. The average disruption takes a business offline for 18 hours. These aren’t always successful in getting paid, but they’re almost always successful in disrupting a business,” explained Eric Thompson, a Director with Advanced Logic Industries. “The average disruption per business costs about $750,000.”
“Every company should assume they’re going to be hacked,” says Dr. Aaron Brantly, a professor at Virginia Tech and the Director of the Tech for Humanity Lab. He describes hacking an organization as an incredibly easy task nowadays.
“Everybody’s facing these challenges,” he said. “Virginia Tech has taken away administrator privileges for all faculty and staff. This is happening across the country and across the world.”
Generally, he recommends companies follow the principle of least privilege
“If an employee doesn’t need access to a particular software or system, then don’t give it to them. Keep those privileges as low down as possible and keep the higher-level access only to those in managerial positions,” said Dr. Brantly.
Additionally, business owners can add administrator controls to be proactive against cybercriminals, and train employees to recognize what may be a ransomware attack, exercising caution when opening up links via email.
“You’re essentially controlling the computing environment to something that is locked down to your needs or wants and preventing them from installing perhaps illegally obtained software or software that might provide an entryway to your business,” said Dr. Brantly. “Don’t send them links via email without telling them. Better to send to a joint depository such as Google drive which scans documents as you upload and download them.”
Two-factor authentication across all services like email and payroll can ward off over 90 percent of all cyberattacks, which could prevent your company’s and your personal information from being sold on the dark web.
Experts also advise having a good backup system, which may make it easier to rebuild your cyberspace than having to fork out thousands in ransomware.
Copyright 2021 WDBJ. All rights reserved.