If you run a business and want to avoid having to pay out to recover your data here are ten ways to protect your business from ransomware.
Ransomware is a particular insidious way hackers try to attack your business and extort money from you. It is becoming so popular that ransomware attacks now outnumber malware attacks.
We have all heard of WannaCry, NotPetya and Cryptolocker but there are lots more types of ransomware out there. We have also heard of high profile companies suffering at the hands of such attacks. This guide will show you how to avoid hitting the headlines yourself.
What is ransomware?
Ransomware is exactly what it says it is. Malicious software that holds you to ransom. Picture the scene, you are working on a presentation for a client and are close to finishing a week’s worth of work. You go for a coffee and come back to see a warning notice on your desktop.
‘The files on your computer have been encrypted. You have 72 hours to submit payment to receive the encryption key. Otherwise your files will be permanently deleted.’
That is ransomware.
There are two main forms of ransomware with a few derivatives of each. Encryption ransomware will encrypt your hard drive and will only unlock it when you pay a set amount of Bitcoins to a given address. Locker ransomware will lock you out of your computer completely and will only accept input once a decryption key is entered.
How does ransomware infect computers?
Ransomware has a few attack vectors but the most common is via email. Those who make ransomware, or spread it use social engineering to trick users into opening the email and allowing the code to infect that computer. If the computer is part of a network, the code can then spread to other connected devices.
Ransomware can also injected into free downloadable software, hide in infected websites, arrive as drive-by downloads (secretly downloaded when visiting an infected website) or malvertising campaigns.
How to protect your business from ransomware
There are some practical measures every business can take that will protect you from ransomware. It will also help protect you from most forms of viruses or malware.
1. Take regular backups
The first thing you need to realize about IT is that there is no such thing as total security. Something will inevitably happen at some point. Having a recent backup or clone of your hard drive can allow you to quickly pick up the pieces and rebuild when it does. If you have a backup, you don’t have to pay the ransom, just wipe the drive and rebuild it.
2. Use antivirus and malware scanners
Using a good quality antivirus solution and a separate malware scanner is essential. They should be installed on all connected computers and allowed to scan and update automatically.
A firewall can be a hardware device connected directly to your internet connection or a software program installed on each device. Use at least one, preferably one of each. Firewalls filter traffic in and out of your network, can spot suspicious activity and block it quickly.
4. Keep your systems up to date
Allow operating system to update automatically and allow all installed programs to do the same. Regular security patching and bug fixes can close loopholes that malware uses to penetrate your network.
5. Train staff
Prevention is always better than cure. Train staff what to look out for and to not open emails or attachments if they don’t know the sender. Teach good internet hygiene and enforce that training regularly.
6. Have robust IT policies
IT policies work alongside education to provide the framework within which your staff can operate. Cover fair use, downloads, social media and online behavior and then enforce those policies in a firm but fair way.
7. Lock down computers
Removing admin accounts, disabling remote desktop, locking down AppData and LocalData files, using UAC, disabling cloud storage sites, USB ports and other ways users can get into trouble helps them help you.
8. Traffic filtering
Traffic filtering blocks protocols such as bit torrent, websites you don’t want users to access during work hours, chat applications, social networks and anything you specify. It is a very effective way to maintain control of your network.
9. Be aware of current risks
Knowing what the current risks are and what versions or malware or ransomware is doing the rounds is key to avoiding them. If you understand their primary attack vectors, you can take steps to bolstering your defenses.
10. Outsource your IT security if necessary
If you don’t have the time or expertise to adequately protect your business from cyber threats, find someone who does. While an operating cost, it is also an investment. Being infected with ransomware will cost you something, Bitcoins, time, data or all three.
You can never completely protect yourself against ransomware but follow these ten tips and you will minimize your chances of being infected. Good luck out there!