Ransomware, Disaster Recovery and Business Continuity: What Every Small Business Should Know

The last few years have seen a large increase in ransomware incidents and 2019 has surely followed suit with many industries impacted. In the last few months manufacturing, municipalities, school districts and other small business sectors have all dealt with their share of attacks. Tens of townships in Texas were attacked in August 2019 with a total ransom of over 2.5 million dollars. School districts across the US were targeted for student and faculty data.  

It’s been a rough one to say the least.  

The best defense against ransomware for yourself and your business is still education and Andromeda can help with that. Read on to learn more about the threat of ransomware to your business and what you can do to prepare yourself.  


Ransomware is a type of malicious program that encrypts a segment or all of your data. At that point, the data can only be decrypted with a key. The criminal ransoms your data until you pay them to decrypt it.  

This means that whatever they get their hands on, is no longer of use to you until you pay up. Things like accounting information, client information, HR information – anything data related at the business.  

With more and more incidents on the rise, it is important that you proactively defend yourself against this threat and have a plan in place to respond in case your business faces a ransomware incident of its own.  

Employee Cyber Security Training 

Over 90% of cyber security incidents facing businesses today originate with some kind of human error. Your staff and teammates don’t mean to make these mistakes and an honest error can happen to anyone. Clicking on a bad link, falling for a scam online, downloading an infected file – these things happen to the best of us.  

Tricking you into downloading malicious files to your PC is still a method criminals use to try and get into your computer but the primary two methods to gain access and do damage to your systems in 2019 are via third party data breaches (learn more about third party breaches here and phishing email attacks (learn more about phishing scams here . 

To help your employees stay ahead of criminals and defend your business, you want to invest in regular training for the team. Professional cyber security training programs include simulated phishing email tests, individual scores, weekly quizzes, newsletters and more.  

Data Backups & Disaster Recovery Planning  

Employee training will do a good job at helping your staff defend the business but there is still always a chance that ransomware can happen.  

When it comes to ransomware, there is little you can do to remove the damages. There is no ‘debug’ or troubleshooting technique that will make it go away. To get the encrypted data, you have to have the decryption code.  

The only alternate solution available to you would be to restore from a backup. That way, you don’t need to decrypt anything. Of course, this is dependent on the quality and safety of your existing backups.  

We recommend looking for a backup solution with an on premises copy as well as a secure cloud copy of your data backups.  

The best data backup and recovery solutions take regular snapshots of your environment. Even better solutions can spin up a virtual ‘copy’ of your environment so you can keep working while your IT team works in the background to get systems back up and running like normal.  

Make sure to ask the team or individual who handles your backups how often they test them. It’s also good to have a clear understanding of what it takes to get you back up and running in the event of an incident (what does it look like if we have an equipment failure? How do you respond if we are hit with ransomware?).  

Business Continuity 

Training staff on how to avoid scams and criminal tactics online is a great way to defend against Ransomware and other incidents. 

Having a good data backup and disaster recovery plan is what you want to do to make sure your business can handle this type of attack.  

The final piece of the Ransomware puzzle for now is going to be your business continuity plan.  

When it’s said and done, you are most likely going to experience some amount of downtime in the event of a Ransomware attack. It’ll take time to recognize what is happening, to contact the proper parties (IT staff or your outsourced team and decision makers), respond to the incident etc.  

All of this time costs your business money, productivity and opportunities. This is why many vendors suggest coming up with Business Continuity plans for different types of incidents at the office.  

Have a plan for equipment failure (like a server crash), a plan for a major cybersecurity incident (ransomware across the network), have a plan for minor cybersecurity incidents (single user hit with malware or a virus). You get the idea.  

Some great questions for Business Continuity plans:  

  • How does my business or staff respond to this incident?  
    • Do you unplug workstations?  
    • Does the employee call you first or IT?  
    • Is there anything you should do on site while your IT team gets to work?  
  • How long will it take to get us back up and running? (this will differ depending on what you face) 
  • How do we keep the business running while designated teams respond?  
    • Can we make use of the cloud?  
    • Do we need to work from pen and paper while things resolve?  

A professional team will help you work through these questions and come up with the solutions your specific business and business model needs to keep things running in the event of a disaster, accident or incident.  

The key is really in the preparation.  

If you have any questions about any of the topics above or want to discuss your own disaster recover, data backups or business continuity plans, please give us a call at (815) 836-0030 or contact our team via email at Contact@wenetwork.com