Ransomware is malicious and dangerous software that infects a computer, making users unable to use it or access encrypted files until a ransom is paid. Victims see an alert on their computer, such as a ransom note, and are pressured to pay the ransom because the encryption keeps them from accessing their data.
Ransomware exists because it works: depending on the backups or the disaster recovery plan of the infected organization, victims often pay. Even insurance companies will often pay, since it can cost less than recovery. A lot of organizations have taken the risk and paid because they had no other alternative, but keep in mind there is no guarantee the malicious party will release the data or remove the encryption.
So, how can you protect against ransomware? There are a few things you can do to prevent getting infected – check out a few suggestions below.
1. Make sure your antivirus software is up to date for all systems in the network. This ensures your programs and devices have the latest security applications in place. If you don’t do that, your software becomes outdated, and weak spots can form that leave you vulnerable to attack.
2. Scan and filter email before it gets to your users/devices. Always check who the message came from, and avoid clicking links from anyone you don’t know, or a link you are not expecting from someone you do know. Catching or separating out fraudulent emails is very difficult, so it is a good idea to talk to an IT provider to help you adjust the security appropriately.
3. Make sure you have an effective backup strategy. It is extremely important that your business understands what its most important data is and has a backup strategy in place. Only then can you be sure that you will continue to operate safely, even when unforeseen events occur.
4. Train your employees to recognize suspicious emails. One careless click has the potential to compromise your entire network, so by promoting regular cybersecurity awareness training you can help employees understand the essential role everyone plays in protecting the company, and recognize or take appropriate action in case something suspicious shows up.
5. Make sure default passwords have been changed. Long passphrases in lieu of passwords, or the implementation of two-factor authentication, for example, add another layer of security, making your accounts and devices harder to hack.
6. Apply software patches to keep the computer up to date. A patch is a piece of software code that can be applied after a software program is installed to correct an issue with that program. There are also patches for network devices, printers and other equipment that can and should be applied.
7. Use security policies to configure your account. Do not use an admin-level ID on your computer, and force it to prompt for admin credentials to install any kind of software. If you are using admin credentials, have your computer prompt you for any install that requires elevated privileges. Here is an example of what can be done for Windows: https://bit.ly/37LQ1GV
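To check item 7 on a Windows machine, the following read-only PowerShell audit compares the User Account Control (UAC) policy values with a stricter-than-default profile and reports whether the signed-in account is a local administrator. It is an added example, not part of the original article or the linked guide, and the target values in `$wanted` are this example's assumption of a reasonable policy.

```powershell
# Added example (not from the article): read-only audit of the UAC policy behind item 7.
# Run in Windows PowerShell 5.1 or later; it changes nothing on the system.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = Get-ItemProperty -Path $key

# Target values are this example's assumption; adjust them to your own policy.
$wanted = [ordered]@{
    EnableLUA                  = 1  # UAC is switched on
    ConsentPromptBehaviorAdmin = 1  # admins must type credentials on the secure desktop
    ConsentPromptBehaviorUser  = 1  # standard users are asked for admin credentials
    PromptOnSecureDesktop      = 1  # prompt appears on the isolated secure desktop
    EnableInstallerDetection   = 1  # software installers trigger an elevation prompt
}

$report = foreach ($name in $wanted.Keys) {
    $current = $uac.$name
    [pscustomobject]@{
        Setting = $name
        Current = if ($null -eq $current) { '(not set)' } else { $current }
        Wanted  = $wanted[$name]
        OK      = ($current -eq $wanted[$name])
    }
}
$report | Format-Table -AutoSize

# Is the signed-in account a direct member of the local Administrators group?
# S-1-5-32-544 is the well-known SID of that group, so this works on any display language.
# Membership through a nested domain group is not detected by this check.
$me = [Security.Principal.WindowsIdentity]::GetCurrent()
try {
    $admins = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
    if ($admins | Where-Object { $_.SID.Value -eq $me.User.Value }) {
        Write-Warning "$($me.Name) is a local administrator; use a standard account for daily work."
    } else {
        "$($me.Name) is not a direct member of local Administrators."
    }
} catch {
    Write-Warning "Could not list local Administrators: $($_.Exception.Message)"
}
```

Any row with `OK` set to `False` marks a setting that is weaker than, or different from, the assumed profile; on managed networks these values are normally set through Group Policy rather than edited per machine.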
All industries have been impacted by ransomware. Do not assume that you are protected because you are using a cloud storage system. Ransomware often encrypts files locally, and the encrypted files are then replicated to whatever is being used for cloud storage. It is still better to have a backup of any critical or important data.
In times of remote work, it’s essential to take online security seriously. Would you like to talk to an IT provider for assistance? Feel free to contact us for assistance: