Tips to prevent your manufacturing business from becoming a victim to ransomware
The Canadian Centre for Cyber Security, a federal agency, has developed detailed guidance on preventing and protecting against a ransomware attack.
Cybercriminals have zeroed in on a lucrative tactic, holding the digital files of crucial enterprises hostage until a hefty fee is paid, often in hard-to-trace virtual currency.
The federal government says that in the first six months of this year, more than half of Canadian victims of ransomware were critical infrastructure providers, including the energy, health and manufacturing sectors.
Since March 2020, almost one-quarter of Canadian small businesses have experienced some kind of hostile cyber-incident, federal officials say.
The digital dilemma prompted several cabinet ministers to plead with Canadian organizations this week to take protective steps.
Many breaches are simply attacks of opportunity, taking advantage of a network vulnerability, said Dwayne Robinson, global director for incident response at CyberClan, which provides security services to small and midsize organizations.
“I would argue not many are actual true, hard-targeted attacks,” Robinson said during a recent webinar on ransomware in Canada.
There are some basic things that companies can do to vastly improve their security, he said. “And it’s somewhat frustrating because we see the same thing over and over and over and over and over again.”
The Canadian Centre for Cyber Security, a federal agency, has developed detailed guidance on preventing and protecting against a ransomware attack. Here’s a look at some key recommendations:
Training — Provide security awareness training for employees to ensure they don’t click on phishing emails or open infected downloads.
Planning — Draft a plan on how your organization will monitor, detect and respond to a ransomware attack. Test the response plan through exercises.
Cyberinsurance — The average cost of recovery from ransomware worldwide more than doubled in the last year to $2.3 million. Look into policies and consider whether insurance would be helpful.
Assessment — Private specialists can assess an organization’s computer systems and recommend precautions against a ransomware attack.
The federal government offers programs aimed at critical infrastructure operators in the fields of energy and utilities, finance, food, government, health, information and communication technology, manufacturing, safety, transportation and water.