Whack-a-mole Tactics Aren’t Worth The Time In Cyber Security

How can small and medium-sized businesses protect themselves and their networks from online threats without breaking their budget? Let us find out.

A group of cybersecurity executives based in New York City recalls their experience of a training exercise where a team of hackers (designated red team) simulated an attack on a company’s infrastructure. The team of cyber experts (designated blue team) was tasked with responding properly to the incident and with restoring normal operations as well.

When the red team inflicted their first attack, the blue team responded by opening their monitoring tools and turning on the detection tools too. They scrambled quickly to counter the threat and fend off the hackers.

Sounds about normal right? Well, it does in one way or another but it isn’t

Their natural response was to put up one roadblock after another, quickly scrambling to shield the infrastructure from harm. One of their responses, for instance, was shutting down those ports that attackers targeted. They even disabled admin accounts hackers tried compromising.

However, there is an unfortunate aspect of the process which is also overlooked. Cybersecurity teams often end up blocking legitimate and needed traffic on those ports or shut down systems that were managed by admin accounts. This effectively disrupted their company’s ability to work even before the attackers had accomplished their goals through their tactics.

What is such an approach known as?

Such an approach is known as the Whack-A-Mole approach. It is sadly an ineffective strategy against cyberattacks. It also has no impact on ransomware attacks. These attacks are serious threats companies must watch out for.

Reasons why the whack-a-mole approach would never work properly?

Renowned cybersecurity companies explain that in the first half of last year, they blocked more than 14,000 ransomware attacks on average. They targeted businesses and their information technology systems.

A lot of small and medium-sized businesses lack the needed expertise in developing a worthwhile defense strategy, Here are some guidelines they can follow to avoid using the whack-a-mole approach, as recommended by the best DDoS protection service provider in The Big Apple New York City:

Being prepared and ready with the needed technology

There is a saying “An ounce of prevention is worth a pound of the cure.”

One of the best ways of avoiding vulnerability in cybersecurity, especially towards ransomware attacks, is ensuring all critical data is backed up on a regular basis. It should also be kept in mind that such data be kept in a safe environment which can serve as a backup in case data from a normal environment is held hostage.

Additionally, Encrypting sensitive data reduces the likelihood of malicious actors trying to steal the data and even try to make it public.

Practicing response to an attack

Whilst practicing responses, companies need to have a playbook for balancing the impact of ransomware attacks with the requirements of continuing business operations. Just the way anyone can schedule regular fire escape drills in physical office spaces, companies will be quite successful if they are able to thwart a ransomware attack with a proactive response plan.

To make that plan work, they need to conduct periodic exercises simulating attacks with their teams. This is how they can strengthen their cyber defenses at all times.

Having proper safety nets in place

Safety nets should be in place. Cyber Insurance and data recovery services are among them. All dark web activities need to be monitored and the business’s reputation should be restored too. Companies need to know that they can fall victim to a ransomware attack. They should be able to recover from such an attack as quickly as possible without any negative consequences.

This helps them and their customers, and hence also raises their chances of being able to start working again and growing their business quickly too.


Small business owners often face budgetary constraints and aren’t of the profile to attract large-scale attackers. They are however often attacked by cybercriminals often looking to steal their cash and to cause havoc on their systems. This is why they must invest in top-notch cybersecurity to ensure they are on the right path and are also safe from such attacks around the clock.

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *