The Need for Protection Against Ransomware
Ransomware is a type of malware that extorts the victim into paying up a sum of money to regain access to their computer system. Ransomware does that by using crypto virology to hold their files hostage and gain access to important or sensitive information. The victim is forced to pay a ransom (hence, the name) to prevent their sensitive data from being released or to regain access to their files. In 2016 alone, ransomware attacks have cost end-users and businesses millions of dollars, prompting the authorities to take action. By 2019, the damages that were done by ransomware already reached $11.5 billion.
Ransomware is typically spread through phishing attacks in which the victim is tricked into clicking malicious links to fake or compromised websites, or into opening malicious email attachments. Once the system gets infected, the severity of the attack ranges from files being encrypted to the user getting locked out of their own computer completely. In either case, a pop-up window will appear informing the victim that they need to pay a certain amount of money to regain access to their system. Some ransomware programs impersonate governmental agencies to look more legitimate and double the level of intimidation. Ransomware is known to be able to replicate itself from computer to computer. Therefore, an infected computer connected to a network could cause all networked computers to get infected.
With ransomware attacks getting more complicated and on the rise, it’s imperative for businesses and end-users to educate themselves on the best practices to protect themselves.
Top Tips from Industry Experts Regarding Ransomware Protection
Protect and Be Ready to Respond
We interviewed Sarah McAvoy from CyberUnlocked and that was her top tip regarding ransomware protection strategy. Ransomware has been around for a long time and it’s not going anywhere anytime soon. The best protection strategy that businesses must adopt is learning to be proactive. Sarah added that companies should have an in-depth defense strategy that includes anti-ransomware products like EDR and an up-to-date response plan. Using a single tool or out-of-date response plan is simply not enough. Since ransomware is constantly evolving, your protection strategy should be the same. You need state-of-the-art decryption software and a backup recovery plan in place just in case the worst scenario happens.
Train Your Staff to Recognize Ransom Attacks
Brandon Christensen from V&C Solutions emphasizes the importance of staff training when it comes to ransomware protection: “Our top tip is to train your staff and have a running campaign of fake ransomware emails that tracks who opens and who clicks and who enters data. Then have a focused training, in addition, with those that did not just delete and or report the fakes.”
With email being one of the most common methods of spreading malware, giving your employees a proper cyber awareness education will probably save your organization from a lot of potential agonies.
Train your employees how to recognize phishing attacks by inspecting email headers, checking links in emails, and not opening unknown attachments. Training needs to be conducted on an ongoing basis to keep employees up-to-date with the latest developments in cybersecurity.
Macros embedded in emails are also known to be a popular ransomware carrier. Recent Microsoft Office versions have macros disabled by default. However, your employees still need to be aware of this risk and take appropriate actions.
Isolate an Infected Workstation from the Network as Soon as Possible
Alexander Freund from 4IT who offers IT support Miami organizations rely on, emphasizes the importance of quick actions when it comes to ransomware prevention and protection: “My top tip is a piece of software (Third-wall.com) that specifically detects and isolates an infected workstation from the network the workstation is attached to. When the software is installed, it adds some nonsense Microsoft Office files to the workstations hard drive that act as a “honey pot”. The software monitors those files, and if the files are modified in any way, the software isolates the workstation. Unfortunately, this software is designed for commercial use on corporate networks.” His tip is an important piece of advice for companies with a network of connected computers. Ransomware is known to be able to infect all connected computers in a network once a single computer gets infected. The sooner you act, the less damage can be done.
How to Correctly Back up Your Data?
Backing up your data regularly and correctly can make a difference between a catastrophic ransomware attack that drives you out of business to a merely fifteen-minute disruption to your service. In 2019, Baltimore’s governmental servers got hacked into and the hackers demanded a ransom of $76,000. The city’s officials were adamant and refused to comply. However, the problem was that they didn’t have a backup of their data. In the aftermath, they ended up paying $18.2 million to get their system up and running on their own! It would have been different had they had a working backed-up version of their system elsewhere.
In most ransomware cases, the financial losses were caused by a lack of proper backups. Otherwise, you would be able to restore all the data and resume the system in a matter of minutes or hours.
And no, by saying “correctly back up your data” we don’t mean relying on your hosting service’s backups. If the backups are stored on the same servers where your original data is stored, the hackers will gain access to your backups once they get to your original data. You need a product like CodeGuard that properly backs up your data on a separate platform.
As you can see, the ability to protect your business against ransomware attacks correlates directly with having a proactive and updated action plan. As the saying goes: “Prevention is better than cure”. Don’t wait till ransomware gets to you to start taking action. If your business still doesn’t have a secure backup plan in place, or you think your cybersecurity protection could be improved, don’t hesitate to reach out to your IT services team and get advice from their experts!