Cyber criminals have been attempting to extort money from individuals and companies for many years, and the latest attempt to take advantage of others is by using Ransomware, virus who infects a computer when a user clicks a link and unknowingly downloads a malicious file that criminals use to lock you out of your computer.
How Ransomware Works?
Generally ransomware is being delivered through email. Cyber criminals usually send an attachment such as “URGENT ACCOUNT INFO” with a file extension of “.PDF.zip” or “.PDF.rar”, and when is clicked delivers the payload. Also some other ways are through infected web sites which can be set up with the sole purpose of infecting your computer or with P2P downloads.
This attack often encrypts the entire hard disk or the documents, (some of the less damaging forms simply block your access to the computer, but do not encrypt) and requires a bitcoin payment to unlock. If the ransom isn’t paid the files are destroyed and seemingly lost forever.
Who does ransomware affect?
Any institutions or company that have critical files or systems are potential targets for ransomware attackers. With smaller companies becoming attractive targets to cyber criminals due to their perceived lower levels of protection, no one is immune to the danger of ransomware. Even healthcare facilities such as Medical Centers or major companies like Sony and eBay have been hit with ransomware and had to pay to unlock their systems. And if you don’t think your business is a target due to its small size, you’re wrong. Ransomware does not care about the size or status of your business, it cares about one thing: How much money are you willing to pay to get your data back?
Best Practices for Ransomware Protection
Protecting ransomware attacks on businesses starts with increasing network security. Network security consists of hardware and software protection including antivirus software with the latest security updates on all computers and devices within the business in addition to hardware firewall protection. Other hardware components can include business class routers, wireless access points with firewall features for protection.
Migrating business email accounts to a cloud platform, such as Microsoft Office 365 will help minimize vulnerabilities to the local network and increase network security.
If you are running Windows XP , Vista, or Windows 7 you should immediately update your system to Windows 10 or buy a new computer. Microsoft is no longer supporting these versions of Windows and continuing to use them makes you a prime target for cyber-attacks.
Restrict administrative rights on endpoints. Limit the ability of employees who do not need the authority to install software and limit the access of employees to that data to which they need access.
Unfortunately, there is no way to 100% prevent ransomware attacks. But, according to many cyber security experts, the best way businesses can defend against ransomware attacks is a regular and validated data and systems backup. While most business think they are backing up data, many may not be aware how ineffective their backup programs are. To protect against ransomware, it is vital to regularly backup data and systems. Eliminating ransomware will require wiping the system, so a system-state backup or snapshot is essential to rapidly recover.The more frequent the backup, the less data is lost. So, backup frequency should be determined based on the strategic importance of the data and how much data the organization can afford to lose.
How can ITAF help you?
If you need help with protecting your business and your brand from ransomware, contact ITAF. Our security experts can help you with installing and maintaining some of the most effective protection against ransomware, helping to defend your business from the lasting effects of malware attacks.