Ransomware is malicious software, typically spread by email, that infects a computer and then encrypts or locks down your data so it is no longer accessible. Unless you pay the ransom demand to have your files unlocked, within a time limit, your files will remain locked or be destroyed. Even paying the ransom doesn’t guarantee the hackers will make your data available again.
Ransomware has become one of the biggest security threats businesses face, no matter the size of the organization. Both the U.S. and Canada recently issued a cyber alert warning people, businesses and government agencies about the alarming increase in attacks from software such as Locky and Cerber.
Cyber thieves made $18 million from ransomware payments between April 2014 and June 2015.
So what can organizations do to protect themselves? Both technology and employee education is needed:
Is Your Business a Sitting Duck for Malicious Ransomware?
- Install local Antivirus Software with Behavioral Capabilities, meaning it not only filters out viruses and malware but it watches for suspicious events and warns users if it sees an abnormality or a threat.
- Ensure your Firewall is adequate. Your firewall should be a currently supported, business-class device to ensure the best protection. A firewall that also supports web content filtering is recommended to help block web sites which have known malicious content; possibly ransomware.
- Educate your staff. Since ransomware is spread mostly by user actions, education is critical. Users must understand that clicking on unknown email attachments or interacting with non-reputable websites is the source of the problem. The cyber criminals are clever, so infected attachments to emails will be disguised as purchase orders or order confirmations from an unknown source, parcel delivery notifications, fake logistics statements, etc. Once you’ve opened the attachment it’s generally too late.
- Have Offsite Data Backup. Ensure your data backup solution stores data in the cloud. This means your files will be safe if your internal network experiences a ransomware attack. Also ensure that backups occur daily to minimize any potential data loss.
- Restrict User Permissions. Employees can inadvertently open something they shouldn’t, but if their permissions are restricted such that they can’t run downloads, updates and installations, the likelihood of them accidentally allowing an infection into your network will be reduced.
- Keep your Network Patched. Your computer software should be kept current and patches kept up to date. Applications and operating systems that are not current are easy targets for attackers. Having a system in place that patches & updates Microsoft and common third-party software helps prevent all attacks; not just ransomware.
June 21, 2016 7:28:24 PM