Global ransomware damages are forecasted to top $12 billion by 2019, WTC IT Services sales and marketing manager Jeff White told Pacific-West Fastener Association members.

Ransomware attacks have shut down the city of Atlanta and knocked Merck, one of the largest pharmaceutical companies in the world, offline for a week.

“Sometimes we forget how much we rely on technology,” White explained to attendees of Pac-West’s autumn meeting in Whitefish, MT.

For most private companies, however, the damage is measured in days.

“What is the cost of not operating your business for a day?” White asked.

Ransomware works in two ways: either through email with “malicious intent,” or through web-based “infection,” White explained.

Educating employees is an important step in preventing cyberattacks, White advised.

“It’s not one specific thing that makes the difference.”

White offered his top 10 list of essentials to protect your company from ransomware.

1) It’s important to have a current firewall with software learning capabilities. Your firewall should have GEO IP filtering (blocking IPs from foreign companies); content filtering (blocking categories of websites that are more prone to malware); and automated notifications if network traffic exceeds normal ranges.

2) Do you have current anti-virus/malware protection on every device in your company?

White advised evaluating if your anti-virus product has all the “end-point” features needed.

Be aware that most current ransomware variants disable all the leading vendors’ products via registry before infecting systems.

3) Patch all software and hardware with current updates. Known vulnerabilities in software and firmware aid the the spread of ransomware. 

“If you do not have current Windows operating systems that are still supported by Microsoft, we highly recommend you remove them from your network or upgrade,” White stated.

4) Use current versions of Internet browsers. Update Flash and Java plug-ins. Legacy machines in the fastener industry create “very vulnerable situations.” To be safe, disable these machines from any internet connection, White advised.

5) Train users on email and internet vulnerabilities.

“This is very important,” White explained.

You are only as safe as your least educated employee, White noted.

“Train on ‘zero trust’ approach to communication.”

6) Allow no connections to your network with a virtual private network (VPN).

“Stop broadcasting internal SSIDs,” White advised.

7) You must have complete backup of all production systems. Backup data must be encrypted, and must be offline.

8) Your company must test your backup data and process yearly. Ask: How long does it take to be up and running from your backup data? Is all the data accessible and current? What is your plan to roll data back to your production systems?

9) Run a threat assessment survey against your network. Scan inside for patched software and current firmware. Scan outside for open ports or unusual activity.

10) Know and mitigate your financial and business risk. Know the details of your policy and the activating events, White advised. Also, know how specifically to respond or the coverage could be denied based on a technicality.

“If you pay ransomware, there’s only a 50% chance of getting your data back.”