How to protect your company against ransomware
There are three key facts you need to understand about ransomware. It’s already a significant threat. It’s a growing threat, and it’s an expensive (and embarrassing) threat.
The basics of ransomware
Ransomware encrypts essential data so that businesses are forced to pay the attackers a ransom in the hope of regaining access to it.
The mechanics of ransomware
At this point, ransomware infections still require some level of social engineering. Users are tricked into either visiting a compromised website or downloading a malicious attachment. This means that your first line of defense against ransomware is a combination of top-quality security software, robust internet-use policies, and user education - in that order.
Get the best security software you can find
Business-grade anti-malware protection should be seen as an investment rather than an expense. Make a point of checking that it offers specific protection against ransomware as well as the usual range of cybernasties (viruses, worms, trojans, etc).
Be prepared to get tough on internet use
The harsh reality of the matter is that you cannot expect busy people to undertake proper security checks before they visit a website or open an attachment. Most of the time, at best, you’re going to get a cursory glance. This means that you have to be robust about blocking people from taking dangerous actions and hope that human checks pick up anything you miss rather than vice versa.
To put this into context, several police departments have fallen victim to ransomware attacks. These include Tewksbury Police Department, Massachusetts (2014), Midlothian Village Police Department, Illinois (2015), Cockrell Hill Police Department, Texas (2017), and Stuart Police Department, Florida (2019). If the police can be fooled by social engineering, then it’s probably safe to say that just about anyone can fall victim to it.
Because of this, modern IT departments really need to take a “firm but fair” line on internet use. For example, they might want to take the position that the corporate internet is for business use only (plus, perhaps, a range of approved “social” sites) and nothing else. In the past, this might have been a tough line to walk in practice, but these days most people have smartphones with mobile data that they can use at their own risk.
Do your best to educate users
You can’t rely on users performing security checks, but it’s useful to teach them anyway. First of all, there’s always the possibility (however slight) that they may catch something your security software has missed. Secondly, it will help them to understand why the security protocols are in place. As a bonus, you will be giving them something of value they can take into their own lives, which is always good for employee satisfaction.
Always be prepared
Even with top-quality protection in place, you still want to work on the assumption that you could fall victim to a ransomware attack and think about what you would do in that situation. The good news is that the key to recovering from a ransomware attack is to be able to restore from a data backup. You should be backing up your data anyway, so, in principle, your losses should be limited to the time wasted restoring from your data backup (although this is bad enough).
In practice, however, this will only hold true if you have an effective data backup system in place. In short, you should be backing up all of your production data at an appropriate frequency. You should also be taking two data backups, one held locally and the other held off-site. If you’re working in the cloud, then “locally” means in your main cloud and “off-site” is simply some other location. If you’re in the public cloud, you absolutely must organize your own data backups rather than relying on the automated ones.
Keep sensitive data encrypted as much as possible
Encrypting data does not protect it against ransomware. Ransomware will simply encrypt it again so that you can’t use it. It will, however, stop cyberattackers from reading it. This means that they cannot both charge you to regain access to your data and then profit from the copy of it they have stolen.
Never pay the ransom
It’s common knowledge that some high-profile organizations have paid a ransom in the hope of getting their data back. These have included at least two police departments. It is, however, a really bad idea. First of all, you have absolutely no guarantee that you will get your data back. Secondly, you will be financing the development of more sophisticated ransomware, to which you might fall victim at a later date.