Get All Access for $5/mo

Just Being Proactive Isn't Enough: What Entrepreneurs Should Do During a Cyberattack Last month's 'WannaCry'' attack struck huge enterprises. Now, smaller businesses are wondering what hope they have for similar events.

By Adam Levy Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.


Last month, the WannaCry ransomware attack, according to Reuters, struck more than 150 nations, affecting upwards of 200,000 computers.

Cyence, a firm specializing in cyberrisk modeling, estimated the total economic damage to be around $4 billion. Victims ranged from individual users to massive organizations, including transportation systems in Germany, a communications firm in Spain and hospitals in Britain.

With WannaCry's ability to overtake large enterprises and major networks on full display, smaller businesses were left wondering what hope they had against similar attacks.

Related: WannaCry Ransomware: What You Need to Know

Small businesses fighting big attacks

Most business leaders think -- or should think -- about proactive and preventive measures when they think about cybersecurity. "Proactive" precautions include instituting a managed firewall and antivirus software.

Yet, while these measures are essential, they're no guarantee for avoiding an attack. When a ransomware event does occur, small business owners and entrepreneurs need to know what to do, to repair (or at least minimize) the damage.

Hopefully, such an attack will never happen to your business. But if the worst occurs, here are some steps to take:

1. Act fast with communications.

Ransomware attacks leave no time to waste -- by the time a U.K. researcher slowed WannaCry (24 hours after the attack began), Healthcare IT News reported that the attack had already affected more than 100 countries. Once a small business owner recognizes his or her business is under attack, it's critical to begin communications right away.

Leaders should communicate next steps to the rest of their company. In some cases, they'll also need to alert their customers.

Reporting an attack to the authorities matters, too; the FBI has described criminal cyberattacks as being within its purview. Informing federal law enforcement can help ensure more organizations around the country don't also fall victim, especially when the attack is as far-reaching as WannaCry was.

2. Isolate infected machines.

It can't be said enough: Attacks move quickly from one machine to the next. According to Malwarebytes, when WannaCry was installed on a computer, its code allowed it to spread to other vulnerable machines on the network. This isn't uncommon for ransomware attacks.

Companies, then, must do their best to slow the spread as best they can. Specifically, company leaders need to remove affected computers from their network as soon as they've identified the infected machines.

Related: 4 Ways Ransomware Companies Act Like Legitimate Businesses

3. Document and understand effects before attempting to fix them.

Not all cyberattacks are alike. At best, an attack might take away a specific capability, such as browsing the web; at worst, it might encrypt every last file on a machine, thwarting operations entirely and compromising customer data.

In some cases, WannaCry's effects were astonishingly severe. The British National Health Service reported that WannaCry forced it to shut down 16 of its computer networks, which meant hospitals had to deny care to all patients whose health wasn't immediately threatened. That's far different from losing internet access for a period of time, and its consequences are just as distinct.

Related: Business Cyber Attacks Top 4,000 Per Day: Your Guide to Ransomware

A proactive plan of response is the most effective prevention for a cyberattack, but even the most thorough cybersecurity measures won't completely immunize an organization; there's simply no way to ensure, beyond a shadow of a doubt, that a business won't fall victim to a ransomware attack.

When hackers do strike, taking the above measures may reduce the impact and help speed up the recovery process. That way, small business owners can return to business as usual in as little time as possible.

Adam Levy

CEO, Magnet Solutions Group

Adam Levy is the founder of Magnet Solutions Group, an IT and web development company, and LoTops, a CRM and management application for small businesses in any industry. He tweets regularly on business technology at @Adam__Levy.



Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick


ChatGPT is Becoming More Human-Like. Here's How The Tool is Getting Smarter at Replicating Your Voice, Brand and Personality.

AI can be instrumental in building your brand and boosting awareness, but the right approach is critical. A custom GPT delivers tailored collateral based on your ethos, personality and unique positioning factors.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

Is the AI Industry Consolidating? Hugging Face CEO Says More AI Entrepreneurs Are Looking to Be Acquired

Clément Delangue, the CEO of Hugging Face, a $4.5 billion startup, says he gets at least 10 acquisition requests a week and it's "increased quite a lot."

Business News

Apple Reportedly Isn't Paying OpenAI to Use ChatGPT in iPhones

The next big iPhone update brings ChatGPT directly to Apple devices.

Growing a Business

He Immigrated to the U.S. and Got a Job at McDonald's — Then His Aversion to Being 'Too Comfortable' Led to a Fast-Growing Company That's Hard to Miss

Voyo Popovic launched his moving and storage company in 2018 — and he's been innovating in the industry ever since.

Business News

Sony Pictures Entertainment Purchases Struggling, Cult-Favorite Movie Theater Chain

Alamo Drafthouse originally emerged from bankruptcy in June 2021.