Ransomware has become one of the more insidious elements of malware. The financial costs to businesses in the UK is in the millions of pounds annually, and in the billions globally.
Given the serious nature and evolution of the ransomware threat, businesses cannot afford to ignore the risks. Clearly, a preventative approach is the best first line of defense and there are effective ways to maximize protection. These are four general categories.
By infiltrating computing systems via the internet, hackers can lock out a business’s data and files, holding the information hostage until receiving a payoff. Even with a payoff, there is no guarantee cyber criminals will relinquish the encryption codes necessary to recover frozen data. This type of cyber-attack is a denial-of-service attack (DoS).
One of the most powerful tools to protect against ransomware DoS attacks is anti-malware software. The anti-malware software scans the network, company-wide, on an automated, set schedule to reduce threats before they become big problems. The software companies that develop good anti-malware systems stay on top of threats as they evolve and update their anti-malware software often.
Best Practices for Employees
Implementing an ongoing awareness and training program is crucial for employees to understand what the online threats associated with ransomware consist of. One such threat that is crucial employees are aware of is phishing schemes. Scanning both incoming and outgoing emails helps protect against viruses and executable programs embedded in the script. Office document viewers for email are a safe way to initially check transmitted Microsoft Office files rather than opening them directly in the home application.
File sharing is a great resource, but it shouldn’t be a no-limits, free for all. Carefully manage and grant access to employees on a need to know basis, individually customized and timely. Tightly control access to administration files.
Avoid interfacing personal devices such as mobile phones, laptops, and flash drives on company platforms until they have received approval. Use established procedures that thoroughly vet all devices for potential ransomware. Use a properly configured firewall to block malicious sites.
All software and operating systems should undergo regular updates to manage and patch any security vulnerabilities. Usually, Windows network operating systems, and other platforms, perform this task on an automated schedule.
Backup and Recovery Plans
Automated cloud backups that run on a regular schedule are great to help keep data securely stored. Additionally, it is advisable to keep hard redundant backups, which can also run on an automated schedule. A good strategic plan to implement data recovery can make the restoration process efficient and timely.
As governments and companies identify ransomware threats, there are several preventative measures that businesses can take to protect themselves. Running anti-malware software, educating employees, maintaining updates, and being vigilant with backups are core essentials to an effective cyber-security program. Businesses in the UK that suspect they have fallen victim to a ransomware attack should report it at once to law enforcement and to the Action Fraud hotline.
Photo by Kevin Ku on Unsplash