Handling the Threat of Ransomware
“Ransomware” is the term used when cybercriminals make the data on your network inaccessible to you until you pay a large ransom. The tools used for ransomware are no
different from those used for traditional hacking, but instead of stealing your data, criminals want to steal your money.
Due to the increased processing powers of computers and the rise of anonymous payment systems, ransomware attacks have become a lot more frequent, making ransomware one of the most substantial digital threats businesses face.
Once your business is infected, you face two tough choices – either spend the time to recover your locked files, resulting in days of downtime and lost business opportunities, or you pay the ransom and hope the attackers do not disappear before they unlock your files. Either option will still require that you wipe and restore all computers to remove the ransomware.
The best target for ransomware is a business that has vulnerabilities in its network. Just like traditional thieves, they go after the location that is the easiest to break into. The more secure you can make your network the less likely it is that your business will be attacked. Data security experts typically advise that you follow these four critical steps to reduce the risks of ransomware and avoid the need to pay a ransom:
Employee Training. Ransomware often starts with an employee opening a single file that unleashes a virus that shuts down the entire system. But the ransomware can be activated in a number of ways. These include infected downloads, phishing scams, or opening an email attachment containing malware. It is crucial to train your employees never to download or open any email attachments unless they directly apply to their daily business responsibilities. It’s also important to stress to employees never to visit Websites other than those relating to business research or business activities.
Sometimes individuals are hacked, then the hackers use the addresses gleaned from that person’s contact list to send out infected attachments or links. Employees should be trained to look out for strange emails that appear to be from people they know that may have been hacked. Any emails looking remotely suspicious should be immediately deleted even if they are from people known to the employee.
Strong Security Systems: Over the years, companies that provide security solutions for ransomware have developed even better ways to protect businesses from this costly and time-consuming threat. You should research what is now available for ransomware to see if you can close any gaps you may have in your network.
Effective ransomware security always includes:
A strong firewall
Anti-malware tools that update automatically
Keeping your system current with patches and other updates
Security software that stops users from clicking on infected Websites
System Backups. Backing up your system is always the best way to protect your business. If your network becomes infected with ransomware, it needs to be wiped clean and restored from your backup. This lets you avoid having to pay a ransom in order to get your data back.
If you are conducting backups on-premise, you should make sure you can recover an image of the data for months in the past and keep multiple copies. Any backups made between the time of infection and when the attack is detected will be encrypted, and thus unrecoverable.
During the wipe-and-restoration process, however, the data is still inaccessible. So this could interrupt or virtually shut down your business while the data is being restored. This is why it’s more cost-effective to avoid being hit by ransomware than to have to recover from it.
Automatic Incremental Online Backups. Your businesses should keep at least one set of backups offsite. There are many companies offering offsite backups at very affordable rates, so this is easy to do. Offsite backups give you another restoration option that adds a valuable layer of protection to your business. Most online backup services let you set how many prior days or months of backups you want to be stored so you can easily restore from a network version that has not been encrypted by ransomware.
We can help you evaluate your firewall and other network security systems to help you make sure you significantly reduce the threat that your business will be hit by ransomware.