Ransomware encrypts your company's files and demands a ransom to give them back. For an SME, an attack can mean days of downtime, lost clients and, in many cases, closure. And paying does not guarantee you recover anything.
How it gets in
- Phishing emails with malicious attachments or links.
- Remote desktop (RDP) exposed to the internet with weak passwords.
- Unpatched software with known vulnerabilities.
Measures that work
Prevention is far cheaper than recovery. The measures with the best return are:
- Isolated, tested backups (the 3-2-1 rule).
- Two-factor authentication on every access point.
- Automatic updates of systems and applications.
- Staff training to recognise phishing.
- Network segmentation to slow the spread.
60% of SMEs that suffer a serious cyberattack disappear within the following six months. What sets the survivors apart is usually a well-made backup.
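An audit of a backup inventory against the first measure above, added here as an illustration (it is not code from the original page): it checks the 3-2-1 rule (3 copies of the data, 2 types of media, 1 copy off-site) plus the "isolated" and "tested" conditions. The class and field names, the sample inventories and the 90-day restore-test window are assumptions.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

@dataclass
class BackupCopy:
    name: str
    media: str                    # e.g. "local-disk", "nas", "cloud-object"
    production: bool = False      # True for the live data itself
    offsite: bool = False         # kept away from the main premises
    isolated: bool = False        # offline, air-gapped or immutable
    last_restore_test: Optional[date] = None  # last successful test restore

def audit(copies, today, max_test_age_days=90):
    """Return {check: problem} for every failed check; an empty dict means pass."""
    problems = {}
    backups = [c for c in copies if not c.production]
    if len(copies) < 3:  # the live data counts as one of the three copies
        problems["copies"] = f"{len(copies)} copies of the data, need 3"
    if len({c.media for c in copies}) < 2:
        problems["media"] = "all copies sit on the same type of media"
    if not any(c.offsite for c in backups):
        problems["offsite"] = "no backup is stored off-site"
    isolated = [c for c in backups if c.isolated]
    cutoff = today - timedelta(days=max_test_age_days)
    if not isolated:
        # A backup reachable from the network can be encrypted with the rest.
        problems["isolated"] = "no backup is offline or immutable"
    elif not any(c.last_restore_test and c.last_restore_test >= cutoff
                 for c in isolated):
        problems["tested"] = (
            f"no isolated backup restored in the last {max_test_age_days} days")
    return problems

# Constructed sample inventories (assumed values, for illustration only).
TODAY = date(2024, 6, 1)
WEAK = [BackupCopy("file-server", "local-disk", production=True),
        BackupCopy("nas-sync", "nas")]
GOOD = WEAK + [BackupCopy("cloud-immutable", "cloud-object", offsite=True,
                          isolated=True, last_restore_test=date(2024, 5, 20))]

if __name__ == "__main__":
    for label, inventory in (("weak", WEAK), ("good", GOOD)):
        result = audit(inventory, TODAY)
        print(label, result or "passes 3-2-1, isolated and tested")
```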
If you have already been attacked
Isolate the affected devices, do not shut down without advice, preserve the evidence and report the breach to the data protection authority within 72 hours if personal data is involved.
At Eritia Privacidad we design your prevention and incident-response plan, and we manage breach notifications.


