Tips to Protect Your Business from Ransomware

Ransomware is currently a hot topic. In 2019, the FBI received more than 2,000 complaints identified as ransomware, costing consumers and businesses over $8.9 million, according to the bureau’s Core Competency Certification (IC3) 2019 Internet Crime Report. Because attackers are often overseas and can mask their location, it can be difficult to catch them.
May 1, 2020 | Retail
By: Aaron S.
Aaron joined Acuity in 2017 as our Retail Specialist—bringing with him almost 30 years of experience in a broad range of retail. He started his career stocking shelves in the seasonal department at a local retailer. A few years later, Aaron transitioned to a gas station/convenience store, where he worked second shift while getting his degree in organizational communications from the University of Wisconsin-Eau Claire. It was during this time he made the move to the loss prevention and safety aspect of retail. Over the next 25 years, he worked in various retail segments, including video games, cosmetics/skincare, hardware/appliances, pharmacy/grocery, and clothing. Aaron held several positions during this time, including District Loss Prevention Manager, Regional Loss Prevention Manager, Regional Compliance Auditor, and National Manager of Loss Prevention and Operations. Outside work, Aaron likes to spend time with his wife (who has also worked in retail for over 20 years) and their twin teenage boys. They enjoy being outdoors on the water, fishing, and camping. As the Retail Specialist, Aaron’s goal is to enhance the partnership between retailers and Acuity by showing retailers that an insurance company can be a supportive resource and that Acuity truly understands their industry.

Ransomware is currently a hot topic. In 2019, the FBI received more than 2,000 complaints identified as ransomware, costing consumers and businesses over $8.9 million, according to the bureau’s Core Competency Certification (IC3) 2019 Internet Crime Report.  Because attackers are often overseas and can mask their location, it can be difficult to catch them. 

 

To better understand how attacks happen, it’s important to understand how a cybercriminal is able to gain access to a system. 

 

  • Front door. The actions of a user allow the attacker to gain access to the system. Think about opening the front door of your house.
  • Back door. A program grants unauthorized access to the entire system via a software or network vulnerability. One example would be an operating system that is not currently up to date because it is no longer supported by the supplier.

 

Now that we understand how an attacker can gain access, there are a few other items to note. Most systems in a retail setting are interconnected or bridged together. The accounting system is connected to HR, which is connected to scheduling, which is connected to receiving, and the list goes on. A ransomware attack might impact part of the system, or it could take it all out. Not only could you lose the ability to check out customers, but you could lose the ability to receive shipments, pay vendors, schedule staff, etc.

 

To prevent or limit the impact of a ransomware attack, consider the following steps:

 

  • Run the most up-to-date software with the latest patches. This helps to prevent back-door attacks.
  • Train employees to look for phishing emails and test them to make sure they are adhering to the guidelines. This helps to prevent front-door attacks.
  • Limit the software that is installed on a device. For example, a checkout computer likely doesn’t need email software. 
  • Limit the connections or bridges between devices or systems. In the event of an attack, this could help limit the damage.
  • Develop a disaster recovery plan that includes a plan for a ransomware attack.
  • Check with vendors, wholesalers, franchisers, etc. They might offer training that could be utilized for employees.
  • If something does happen, call the IT vendor or IT department before acting. Restarting a server could cause additional damage.
By: Aaron S.
Aaron joined Acuity in 2017 as our Retail Specialist—bringing with him almost 30 years of experience in a broad range of retail. He started his career stocking shelves in the seasonal department at a local retailer. A few years later, Aaron transitioned to a gas station/convenience store, where he worked second shift while getting his degree in organizational communications from the University of Wisconsin-Eau Claire. It was during this time he made the move to the loss prevention and safety aspect of retail. Over the next 25 years, he worked in various retail segments, including video games, cosmetics/skincare, hardware/appliances, pharmacy/grocery, and clothing. Aaron held several positions during this time, including District Loss Prevention Manager, Regional Loss Prevention Manager, Regional Compliance Auditor, and National Manager of Loss Prevention and Operations. Outside work, Aaron likes to spend time with his wife (who has also worked in retail for over 20 years) and their twin teenage boys. They enjoy being outdoors on the water, fishing, and camping. As the Retail Specialist, Aaron’s goal is to enhance the partnership between retailers and Acuity by showing retailers that an insurance company can be a supportive resource and that Acuity truly understands their industry.