Imagine the following scenario: you've arrived at your desk to get your working week started, you attempt to start up your computer but your computer has now become compromised by a ransomware attack. Unfortunately, this is a scenario that has become much too familiar to businesses and individuals, globally.
Recently we have seen an alarming number of ransomware attacks – like WannaCry, MacRansom and the latest, Petya – send shockwaves throughout the entire security world. Ransomware is a form of malware that infects devices, networks, and data centers. The aim of ransomware is to prevent the use of these devices until the organisation pays a ransom in exchange to have the system unlocked.
Company documents, employee and client privacy is a top priority for organisations so they need to ensure they are prepared and ready in case a ransomware was to strike. With cybercrime costing Australians $1 billion every year, private enterprises and public entities are looking for additional ways to better protect information and preserve the integrity of their data.
Here are three measures that can be taken to assist your company to prepare against a possible ransomware attack:
Backup your data
Backing up your data means you are one step ahead of your potential attacker. The point of a ransomware is to block the use of key systems, so by having data backed up, documents can be protected and continued to be used. Preferably, the backups should include not only your documents and records, but also critical business correspondence like emails.
One thing to note is that ransomware attackers sometimes target backup systems to encrypt and lock as well, by first gaining entry to the desktop. From here, they manually work their way through a network to get to servers. If your business decides not to back up to the cloud and instead backup to a local storage server or device, these should not be directly connected to the desktop and should be offline.
And of course, don't forget to scan your backups for vulnerabilities. It would be pointless transferring all your data onto a device that is always compromised.
Apply patches and updates
We've said it once and we'll say it again – patch, patch, patch! A vast majority of successful attacks exploit vulnerabilities that are months or years old, and for which patches have been available for a good while.
By regularly updating and patching your systems and applications, you minimise the number of avenues through which cyber attackers can compromise your business. So make sure the next time you receive a security update, you don't just wave it aside and tell yourself “later”, take the time to apply these updates and you could possibly be preventing the next Petya or WannaCry.
Learn when to say no
No one likes spam in their inbox, however, this is still a primary method that cyber attackers use to infect devices. The phishing attack involves spamming a victim's inbox with emails that contain malicious attachments or links. Most ransomware attacks begin with attachments or links opened through malicious emails so if you think an email is suspicious, delete it straight away. Email is still the number one source for malware and infection so make sure that your organisation has put in place an appropriate email security solution across your distributed environment.
With ransomware on the rise, best practice would be to learn when to say no to emails that could potentially infect not only your computer, but your entire company. The same goes for web security tools. These can be wired and wireless access, cloud-based security, and network segmentation strategies. These allow you to detect, isolate, and respond to threats found.
With the latest onslaught of global ransomware attacks impacting business operations all around the world, IT and security teams are under even more pressure to ensure their security measures are up to scratch. By preparing yourself and educating your team on the different forms of cyber threats lurking around, you can stand united against cyber criminals.