Ransomware has existed for decades however this blackmail method has been used increasingly by cyber criminals in recent times. How can you protect yourself against ransomware and what should you do if you fall victim?
What is ransomware
Ransomware is popular with cyber criminals because a lot of money can be earned by using this blackmail method. The damage is more than hundreds of millions of pounds. The amount of the ransom is being determined by the type and size of the organisation.
The high costs are not only due to the ransom demand but also because of, for example, the loss of productivity of your employees who are unable to work for several hours to days and the recovery and upgrade of the security of all devices after the block is lifted.
Ransomware strikes in various ways but it usually installs software that blocks a computer or files after opening a rogue email attachment or visiting a hacked website. In order to lift the blockade, a ransom (“ransom”) must be paid, usually in a currency that is difficult to trace, such as bitcoin. This makes it very difficult to identify the criminals.
How to prevent ransomware
There are different variants of ransomware, which deny access to your computer, your files, or both. In many cases, paying ransom is not recommended. Paying the ransom does not guarantee that you will regain access to your data.
As with all cyber security prevention is always better. Many security incidents can be prevented through prevention and the creation of awareness. Train employees on device and information security and show how cyber criminals work, preventing your organisation from becoming a victim of a cyber attack.
It must be clear within the organisation which sensitive data is being used and how it is protected against external attacks. Servers, networks and all (mobile) devices that employees use must have adequate security. This can be in the form of strong and unique passwords, antivirus, a firewall and / or a VPN that encrypts internet traffic and makes it more difficult to intercept data.
Also follow below tips below to reduce the risk of a ransomware infection.
- Train all staff in your organisation how to deal with unknown USB sticks, hard drives and suspicious e-mail attachments and make them aware on a regular basis.
- It is essential that you provide solid security on every device that is used in a business context. Including personal laptops and telephones. From an up-to-date virus scanner and firewall to secure passwords and encryption.
- Arrange network segmentation and firewalls so that part of the company network can be shut down in the event of an attack.
- Work with regular backups. This prevents data loss, because you can restore a backup from a moment before the infection after an attack. This is an effective step to minimise the damage caused by a ransomware attack.
- Appoint a number of ambassadors within your business to ensure that (the importance of) information security remains highlighted.
How to resolve a ransomware infection
What do you need to do when your business has been affected by ransomware? The recommendation is not to pay any ransom. However, it is important to take immediate action to limit the damage. Disconnect affected systems from the corporate network and identify the source / cause of the infection.
More and more security companies are making databases with keys public that you can use to regain access to the infected computers / data. So-called decryptors can be downloaded from the No More Ransom Project, set up by Europol, the National Police and Kaspersky Lab. This will possibly enable you to make encrypted files accessible again. This will not work for every form of ransomware, but it is worth a try.
Tech-Wales Business IT Support
At Tech-Wales we offer great business IT support combines with cyber security and online protection consultancy and services. We can provide you with quality IT support and set up or improve your business IT infrastructure to keep you safe from any attacks. Contact us today to discuss.