Ransomware is one of the most common types of cybercrime today, with analysts estimating that every 14 seconds, a business falls victim to a ransomware attack. It has become an existential threat to modern businesses.
Today we take a closer look at ransomware – what it is, what makes it so dangerous, and what steps your business can take to protect your network against ransomware.
The spectre of ransomware
Ransomware is a particularly pernicious form of malware that restricts an individual or business’s access to their computer systems, data, and networks – usually by encrypting the data or locking the operating system.
Once ransomware has taken your digital resources hostage, it asks for a ransom payment to restore access. And the amounts demanded can be ruinous, with cybercriminals reportedly earning more than $1 billion yearly from ransom payments according to a 2020 study by AtlasVPN.
No one is safe from ransomware
No one is safe from ransomware. While there are cases of high-profile ransomware attacks that have been designed to specifically target larger companies, ransomware typically targets individuals and companies of all sizes indiscriminately.
Over 50% of all ransomware attacks start with a phishing email. However, ransomware infection can occur through any number of attack vectors, from email attachments, text messages and IMs to compromised web pages, pop-up ads and more sophisticated social engineering attacks.
Steps to reduce the risk of a ransomware attack
While the threat of ransomware has never been higher, there are steps you can take to safeguard yourself and your business from this threat:
Never click on unsafe links
Malicious agents will use URLs in emails and on compromised websites to redirect users and gain access to their systems. These links are often spelt very similarly to legitimate websites and can catch inattentive users unaware.
Avoid clicking on links in emails without verifying them and make sure that you’re alert to the danger when browsing online.
Avoid disclosing personal information
Ransomware hackers will routinely call, email, or text potential victims masquerading as legitimate contact to request personal information. They will then use the information to send you targeted phishing messages that you will be more likely to fall for.
Do not divulge any personal information or login credentials to anyone who you have not fully verified before speaking with them. This can be simple. For instance, if the ESB calls you to update your information, hang up and call them back on their registered phone number. Just ask to speak to the department that contacted you in the first place.
Don’t open suspicious email attachments
Be careful when opening email attachments, even from known senders. A good rule of thumb to follow is – “If you weren’t expecting it, don’t open it”. Your customers and supplies are not invulnerable to hacking so if you receive an unsolicited attachment, ignore it or confirm its content directly with your contact before clicking on it.
Be wary of executable and compressed (zipped) files as well. Files like these should be scanned with antivirus software to verify that it is clean before opening it.
Never use unknown USB keys
Do not insert unknown USB keys (or other storage devices) into your computer. Criminals may have infected them and placed them in public places to tempt you into using them. Even if it’s your friend’s USB, there is still a chance that they have connected it to a compromised device which you might then introduce to your own network.
Ensure your Operating System and apps are up to date
Older applications (particularly browsers) and operating systems are especially vulnerable and hence the target of most ransomware attacks. Always update them with the latest patches as soon as they are released. And if you use any software that the manufacturer has stopped supporting, it’s time to find a replacement.
Use cyber security tools and software
Use preventive software programs such as antivirus, firewalls, email filters, and VPNs to help keep your network secure. Avoid using public WiFi where possible, and never for sensitive transactions.
Backup your data regularly
Take regular backups of your data – this will help you recover faster if you do fall victim to a malware attack. Store the backups away from your company network and systems, preferably in a cloud service designed for this purpose.
Check out the 3–2–1 data backup rule of thumb for more.
What to do if you fall victim to a ransomware attack
You may fall victim to a ransomware attack even after taking all precautions you can think of. If this happens, do not panic. Here is what you should do to minimise the impact.
Isolate the ransomware threat
First, isolate the ransomware to prevent it from infecting other devices on your network. Shut down the infected system. Disconnect other mission-critical systems from the infected network as quickly as possible.
Identify the ransomware threat
The next step is to identify the type of malware. You can deal with the attack only after identifying the malware.
Integrate your systems to close gaps in your cyber security
When it comes to your cyber attack response, it’s important to make sure the different IT teams across your organisation are not working in silos but are integrated with a standardised approach to minimising and responding to cyber threats.
This will enable your business to respond holistically and consistently in the event of a ransomware attack.
Scale network design
The modern network design must be scaled to deal with the increasing volume of ransomware attacks. IT teams and infrastructure should be augmented with outsourced expertise where required and every team member should be upskilled on cyber security threats.
Calnet IT Solutions – the Managed Service Provider for your IT business needs
Ransomware attacks are incredibly destructive. They can disrupt your business, damage you financially, and tarnish your reputation. But taking these steps to keep your network and systems secure, and training your staff to prevent and respond to threats should help you to minimise your exposure to the risks involved.
So if you are considering enlisting the help of an experienced team of experts to keep your business safe from ransomware while you focus on growing your business, you should speak to our team today.
At Calnet IT Solutions, we provide professional IT support for businesses of all sizes as part of our overall managed IT services. Our cybersecurity services can give you the peace of mind you need to get on with running your business smoothly.
Our team has decades of experience and can keep your network secure and equip your staff to handle any situation, so get in touch today or check out our blog and other resources to learn more about the latest trends in cybersecurity.