How to Prevent a Ransomware Attack
It seems like you can’t go online these days without hearing about a new security breach or ransomware sweeping the country. And it’s not surprising. According to leading cybersecurity experts, 2019 saw a 74% increase in the number of reported ransomware attacks. This security “epidemic” is affecting businesses of all sizes and industries, and it shows no signs of slowing down.
So, what exactly is ransomware?
At its basics, ransomware is a type of malicious cyberattack that gains access to your computer or network, encrypts your data, and then holds it for “ransom” in exchange for a decryption key.
What makes ransomware so difficult is that each new “strain” targets your network and data differently. These cyberattacks continue to grow in scale, maturity, and complexity. So to help you both prevent and control a possible ransomware attack, we’re sharing best practices for keeping yourself protected and steps to take if the worst happens.
How to Prevent a CyberAttack
- Keep your software up-to-date. There is a reason software companies push out updates. It’s to give you the latest patches and protections. Running on old software makes you more susceptible to breaches.
8 ways dated technology is holding your business back.
- This also includes your operating system. If you’re putting off upgrading your OS because of compatibility or system integrations, you have much larger vulnerability concerns on your hands.
- Train your team on security best practices. This should always include an email training. Never open links or attachments from unknown sources, and be cautious of any attachments asking you to enable macros unless it is from someone you trust.
- Always, always back-up your system data. Regular back-ups are an essential part of any business continuity plan, and should you be breached by ransomware, you can rest assured that your data can be restored with little disruption to your day-to-day operations.
- Look to the cloud. While early on, the cloud had a reputation of being less safe than traditional on-premises systems, this is actually far from true. Cloud software and services have built-in back-ups that will allow you to “revert back” to previous versions before you were infected.
What to do if you get ransomware
If you even suspect a virus or ransomware attack, disconnect your computer from your network and internet immediately. This will help to contain the threat and will prevent the malware from spreading to other devices in your environment.
remove the malware
Your first step will be to remove the malicious software from your system. This is often relatively simple since the nature of a ransomware attack is to target your data, not your device.
check your Back-up
That brings us to your data. Ransomware uses advanced cryptography to hold your data “hostage,” rendering it unusable. The good news? If you are regularly performing network back-ups, you’ll be able to restore your system will little loss of data – often just a day or two. The bad news? If you do not have a current or complete back-up to restore, it won’t be so easy.
Should you pay?
Should you pay the ransom to get your data back? While we typically do not recommend paying for your encrypted data, this is not a simple yes or no answer. Even law enforcement agencies have changed their tune in recent years on this topic. The interesting trend in ransomware is that some of these cybercriminals almost operate like a merchant. Some even have reviews proving that they delivered the decryption key after payment and tout their customer service!
This question is really becoming more case-by-case. A lot of it boils down to the quality of your back-ups and the impact of lost data. It’s important to “check your ego” in these situations and ask yourself the following questions.
- Can you recover your data?
- What is the impact on your business if you have to start over?
- What’s the financial impact if you don’t pay up? Think about your lost data, productivity, et al.
Just like in poker, it’s good to “know when to hold ’em and know when to fold ’em.”
So how do you get your data back if you don’t pay up? Your best bet is to look for remediation help. Experienced security engineers will be able to recover your system and patch the network vulnerability that allowed for the cyberattack in the first place. When looking for an IT service provider, look for experience in system patches, endpoint protection, email and firewall security, as well as disaster recovery. There are a number of IT service providers out there. Be sure to do your homework; ask for their stats and client referrals.
Ready to secure your business?
Take our 12 question quiz to give your IT environment a quick “health check.”
Or better yet? Get in touch with our team!