With summer in full swing, most seasonal businesses are well underway. From landscape maintenance to pool care to summer rentals (vacation properties, recreational vehicles, bikes, kayaks, etc.) and more, these small businesses always face immense pressure to perform over just a few months of warm weather in most locations across the country.
Unfortunately, this pressure also makes them an ideal target for ransomware attacks. Hackers want to get paid, and they know that their odds increase when they hit businesses not only where it hurts—their data—but when it hurts—when companies are most vulnerable to the negative effects of downtime. For summer businesses, that’s during their condensed busy season.
And the fact that they’re small businesses doesn’t afford them the obscurity that they might think. While hackers extorting millions from large enterprises may make headlines, small businesses are increasingly in the crosshairs of ransomware gangs. According to recent data, more than half of the ransomware attacks in 2023 by the notorious LockBit group targeted companies with fewer than 200 employees.
There’s another harsh reality: three-fourths of these businesses would likely shut down permanently if forced to pay a ransomware demand. The combination of the ransom payment itself and the disruption to business operations would simply be too much for them.
To counter this, seasonal businesses need to ensure they have the tools in place to quickly recover their business-critical information without having to bend to the will of a hacker. True, small businesses may lack the resources and personnel to implement the same robust cybersecurity defenses larger companies have, but the fact is that small businesses can no longer afford to ignore cyber resilience.
Getting started
The basics of cyber resilience that every small business should have in place are:
- A backup and recovery tool – This enables swift recovery after an attack. For small businesses, this could involve a combination of on-premises plus cloud backup and recovery services. Backups should follow the 3-2-1 strategy: maintain at least three up-to-date copies of data on at least two different media with at least one offsite.
- Endpoint protection and threat detection – Seasonal businesses should consider managed detection and response services from a reputable service provider to augment limited in-house security expertise. Also, implementing security information and event management can help improve the visibility of threats.
- A detailed and regularly rehearsed incident response plan – This includes documented clear procedures for containing threats, notifying stakeholders and recovering computer systems and data. Conducting regular full rehearsals of ransomware incident scenarios will help to ensure the plan is adequate and up to date.
- Strict discipline in patching software – Automated software security patch management across all devices, servers and software is key to fixing known vulnerabilities. Authenticated vulnerability scanning can help discover unpatched computer systems and applications.
- Ongoing cybersecurity awareness training – Building a security-aware culture through mandatory security training for all staff is also important. Examples of real-world phishing and social engineering attacks should be included.
Advanced strategies
The use of immutable backup solutions is one of the most critical advanced strategies a small business can take to secure its data and computer systems. These backups create copies of data that cannot be altered or deleted, even by privileged users. This prevents attackers from holding the data hostage through encryption during ransomware attacks. By ensuring the ability to quickly restore systems to a known clean state, immutable backups can significantly improve a business’ recovery capabilities.
Another strategy is air-gapping—physically isolating critical systems and backups from the main network. This physical separation stops the spread of threats and prevents attackers from moving laterally across the digital environment. Combined with robust backup and recovery processes, air-gapping is an effective way to protect an organization’s most sensitive data and computer systems.
Finally, zero-trust security models help by assuming no user or device is inherently trustworthy, requiring continuous verification and authorization. By eliminating implicit trust, businesses can significantly reduce their attack surface and improve their overall security posture.
Beat the heat
The threat of ransomware attacks against seasonal businesses is as real as the heat waves we’re sure to encounter as the summer months roll on. Unfortunately, beating the “heat” from cybercriminals isn’t as simple as drinking plenty of water and enjoying the shade. Instead, small businesses need to implement the tools and strategies outlined here—ideally all within a comprehensive package that makes them easy to implement and manage—to increase their cyber resilience and avoid the potentially devastating results of successful ransomware attacks.
