Ransomware: Prevention is better than cure

There’s a new kid on the IT block and it’s not a nice one… Ransomware is a fairly new threat to your computer systems but it appears to be growing fast. Recent research across the UK, the US, Germany and Canada has identified that nearly 40% of businesses have experienced a ransomware attack in the past year. Small and medium size businesses are particularly at risk, because they may lack the resources.

What is ransomware?

Ransomware is a type of malware attack, where your data becomes encrypted and you can no longer access it unless you pay a ransom. However, there is no guarantee that you will regain access to your data even if you pay the ransom. In other words, a typical catch-22 situation you want to avoid finding yourself into.

Who’s at risk?

Virtually, any type of business. Research to date indicates that attacks seem to be more frequent on companies involved with financial services and healthcare. One of the reasons may be that healthcare workers often use personal digital assistants (PDAs), thus making them more vulnerable to attacks as this is an area of IT security that’s often overlooked.

Prevention is the best cure!

Recovering data encrypted by a ransomware attack is almost impossible, so prevention is the best approach.

Firstly, speak to your IT people about implementing a comprehensive back-up solution; also checking that endpoint security is in place; and possibly limiting end user access to mapped drives. There are a number of technology-based solutions your IT team (or IT contractor) will be able to put in place to minimise the risks.

In addition to improving cybersecurity, you need educate your employees. It’s been shown that almost half of the attacks to date originated from email. Your IT Policy should clearly set out what users do when faced with email spam or phishing emails; how to handle unknown or suspicious file attachments; restrictions on third party downloads etc. – if your business doesn’t yet have a formal IT Policy document, these issues should at least be covered in a shorter “Internet & Email Policy” given to all employees. I can help you with both.

Finally, consider formalizing business continuity guidelines and procedures, should the worse happen. Have a response plan in place to specifically address ransomware, including the steps you need to take if it is detected.

Take proactive steps to minimise ransomware attacks

Ransomware is becoming more popular than traditional cyberattacks, where hackers needed to find a “buyer” for the stolen data. In the case of ransomware, the cyber crooks already have a buyer: the legitimate owner of the data who’s often not in a position to negotiate!

Your employees are one of the weakest link in your organisation’s security system, in most cases due to lack of training and awareness. By educating them about what ransomware is, and what they can do to stop it from happening, you will improve the first line of defence in your business.

Training your employees on information security practices and awareness is an ongoing process, as threats are continually evolving. Having a formal IT Policy, or at the very least, an “Internet & Email Usage” policy for your business will ensure that all your employees, new and not-so-new, are aware of the possibility of ransomware attacks and how they can help prevent them.

Will 2017 be the year you put in place the IT policy you’ve been talking about? Can I help you make your employees better aware of ransomware and IT best practice in general? Why not email cecile@cecilescaros.com and see how we can work together on this?

cecile

Post a comment