More than 14 publicly claimed ransomware attacks occur each day, many of which target small businesses or organizations that don’t think they’re in danger. But this doesn’t mean you have to wait like a sitting duck for an attacker to target your club. Adopting specific prevention measures can help you avoid attacks and minimize the impact if one does occur.
THE DANGERS OF RANSOMWARE
Ransomware is a type of malware attack that blocks access to important files on your device or within your network until a ransom is paid. The attackers are financially motivated and typically threaten to leak sensitive data if a large ransom isn’t immediately paid. While this sounds like a problem for big business, it’s actually a bigger problem for small businesses and organizations that don’t think they’re at risk.
Once cybercriminals have access to your data, there’s no guarantee you’ll get it back. Your club won’t be able to use the files, and you’ll be liable for the consequences if the personal identifiable information (PII) of your players or staff members is leaked as a result of the attack. Implementing some basic safety measures can help you ensure this doesn’t happen.
10 STEPS TO MINIMIZE RANSOMWARE ATTACKS
As with most things, when it comes to ransomware, an ounce of prevention is worth a pound of cure. The steps you take before a ransomware attack can significantly reduce the impact of the attack on your club. Take these ten steps to strengthen your network security and develop a strong response to ransomware attacks.
1. PERFORM FREQUENT DATA BACKUPS
Keeping sensitive data secure is the first step in preventing cybercriminals from using your data against you. Begin by determining the safest location to store your data — usually a cloud-based application, on-site hard drives, or external data centers. Keep this data secure by developing a concrete schedule for backing up the information.
2. HAVE A PATCH MANAGEMENT PLAN
Attackers often find access to your network through software that hasn’t been updated to block known vulnerabilities. Patch management is the process you use to acquire and apply updates to the software and devices you use. Your plan should include identification of IT assets and their locations, and records of routine updates.
3. UTILIZE ENDPOINT DETECTION AND RESPONSE (EDR) SOLUTIONS
Endpoints (devices that communicate with your network through internet) often have vulnerabilities that attackers use to gain access to your network. Investing in EDR solutions that allow continuous monitoring of security-related threat information on endpoints and offer advanced threat detection investigation and response capabilities can help you avoid these risks.
4. DEVELOP ACCESS CONTROL POLICIES
Limiting the number of people who have access to sensitive data will reduce your risk for potential attacks that begin with phishing emails or other tactics that target individuals. The most effective access control policies are multifactor authentication (MFA) and the principle of least privilege (POLP).
MFA: The practice of requiring one or more forms of ID to access a device or sensitive information.
POLP: Allowing employees or administrators access to only the networks, data, and technology required to perform their role.
5. SEGMENT AND SEGREGATE NETWORKS
Closely interconnected networks with minimal restrictions allow attackers to easily move through networks and gain access to sensitive information. Network segregation (dividing large networks into smaller segments) allows you to isolate crucial network segments and control traffic flow between segments.
6. IMPLEMENT EMAIL AUTHENTICATION TECHNOLOGY
Ransomware attacks often begin with a phishing email. Email authentication technology monitors incoming emails and determines their validity. Verified emails are allowed to reach recipient’s inboxes. Emails that can’t be authenticated are either blocked or flagged.
7. PROVIDE CYBERSECURITY TRAINING
Staff members and administrators who have access to data are your first line of defense against ransomware attacks. Providing them with basic cybersecurity training will give you the power to protect your system against ransomware attacks.
8. PRIORITIZE END-OF-LIFE (EOL) SOFTWARE MANAGEMENT
All software eventually reaches end of life (the point where manufacturers will no longer develop or service the products), making the software or device vulnerable to hackers. Adopting plans to introduce new software or devices in a timely manner can help you avoid these vulnerabilities.
9. HAVE A PLAN FOR ATTACK RESPONSE
When a ransomware attack is suspected or detected, you need to have a dedicated response plan that will allow you to immediately take action. Response plans should address a variety of ransomware attack scenarios and be communicated to all relevant parties.
10. INVEST IN SUFFICIENT COVERAGE
Adequate cyber insurance coverage provides you with financial protection against potential losses that may arise from ransomware incidents. Consult an experienced insurance professional to discuss your specific coverage needs.
CLOSING THE BLOCK: CYBERSECURITY HOT TIP
Don’t be afraid to ask for help
Whether you believe your network is impacted by ransomware or you’re trying to develop a comprehensive protection plan, you don’t have to do it alone. Calling in an expert to help you devise a strong cybersecurity plan can give you professional insight into the data you need for protection and the factors about your network that could make future ransomware incidents more likely. Getting help from an expert during an attack can make the difference between a minor incident and a major breach.
About the Author
Brad Preston is a client advisor at World Insurance Associates (World) specializing in the Sports industry. Prior to World, he spent more than 20 years at Advanced Event Systems and SportsEngine where he worked closely with the JVA and other member clubs in the volleyball space. He is well versed in club operations, staff, and member management, and most importantly, the use of technology and its inherent cyber risks. The JVA and World have partnered together to bring JVA Members educational articles and content to help you learn about your unique cyber risks and exposures, and how to better protect your businesses, members, and families in general. Feel free to reach out to Brad directly with any questions at bradpreston@worldinsurance.com