How small businesses are easy ransomware targets

Topic

New Reply

ON SECURITY By Susan Bradley Yes, they really are out to get us. Recent trends in malicious attacks mean that small businesses need to be more vigilan
[See the full post at: How small businesses are easy ransomware targets]

3 users thanked author for this post.

Elly, woody, Fred

Reply | Quote

Replies

Very useful and thorough. My small crafter business uses GoDaddy to host my email via Office 365. They take responsibility for backups. Do I need to be concerned? Take additional steps?

Also, I use my native Android app to access my email on my phone. Does this putt my login credentials at risk?

Thanks for the healthy paranoia.

ZenRuth

Reply | Quote

It is unlikely that GoDaddy backup your email. They have a help section on export for backup.

How vulnerable your account is will depend on how you secure the logon. Do you use 2 factor authentication or do you just fire up the app and it works?

Is your PC locked with a password?
Is it encrypted with Bitlocker / veracrypt?

Is your PC backed up? If so where?

Do you lock your phone with a password etc?

cheers, Paul

Reply | Quote

Paul T wrote:

It is unlikely that GoDaddy backup your email.

It is an automatic option: About the Backup Email Add-on

1 user thanked author for this post.

Paul T

Reply | Quote

Have you tried restoring something?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

I don’t use GoDaddy for anything. Have you tried restoring?

Reply | Quote

Yes, I have purposely purchased Godaddy versions of Office 365 to compare them to other 365 versions from Microsoft.  Because small businesses buy a fair amount of things from Godaddy I buy there as well.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

As to the Android – look to how it’s set up for access.  Without two factor and connecting over IMAP or POP there’s just one password between you and the bad guys.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

So make sure the password is long and strong – I use a password manager to create and store those passwords.
Note: this still isn’t as good as using 2FA.

cheers, Paul

Reply | Quote

What’s the best way to protect a home system, as opposed to a business system?

Are home system backups equally vulnerable to ransomware?

Is Acronis True Image’s Active Protection feature sufficient to protect backups from being encrypted?

Would attaching an external backup drive to a router, rather than directly to a computer, provide any additional protection against ransomware?

Reply | Quote

Home systems are relatively easy to secure via a USB hard disk.
Attach the disk, backup, detach and store safely.
To be doubly sure, get a second hard disk and rotate the disks when you backup.

Backing up to a network connected disk is not secure. If the computer can see the files – so can the ransomware. Using a dedicated NAS with full snapshots would be secure, e.g. FreeNAS.

Acronis claims to detect ransomware encryption activities and prevent them. I would not trust it to be completely effective, so an offline backup would still be my preferred option.

cheers, Paul

Reply | Quote

RE: “Attach the disk, backup, detach and store safely.”

Is there a safe way to automate attachment/detachment of a backup drive in order to facilitate regularly scheduled backup jobs without manual intervention?

For example, if a backup drive were set online by a Powershell script immediately prior to each scheduled backup, and then reset to offline following backup completion, would that provide reasonable protection against ransomware?  (This could be accomplished by “Set-Disk -Number 1 -IsOffline $False” before each backup, and “Set-Disk -Number 1 -IsOffline $True” after backup, and could probably be included in an Acronis True Image backup job by using their pre/post commands.)

Can ransomware access an offline drive?

Reply | Quote

There are a few suggestions online for using that arrangement, but I couldn’t see any that were tested.

cheers, Paul

Reply | Quote

According to Crowdstrike, more than 50% of ransomware attacks in 2019 were done without the use of malware – in other words, they were direct attacks conducted by humans.

For your technique to work, you’d have to somehow avoid an attack by a human adversary.

Reply | Quote