How to protect your organisation from Ransomware
Posted by Jez Nolan
With the recent hack of Travelex, ransomware is making mainstream news once again. But what exactly is it and how can you avoid falling victim? How do you protect your organisation from ransomware?
Ransomware is one of the biggest threats to your business. It’s behind 56% of malware attacks and has cost businesses more than $8 billion in the past year.
The UK alone saw a 195% increase in reported incidents, reflected in an estimated 6.4 million ransomware attacks in the first half of 2019 – which makes it the most targeted region in the world behind the US.
Regardless of how big your company is, the size of its workforce, the industry in which you operate, or the data you hold, you are vulnerable to ransomware. It is a universal threat.
In order to avoid the same fate as many others, your business needs to put the right tools in place to protect itself.
What is ransomware and how does it work?
Ransomware is malicious software that takes over your computer or network.
The route in for this malware is typically through human error and technical security weaknesses.
Attackers can spread the software through email attachments, infected external storage devices and websites.
Three common methods are:
- Attaching an infected document or URL to an email, disguising it as legitimate.
- A ‘drive-by’ download of malware hidden in online content.
Once the software is downloaded it renders all your data useless, taking over the device or network and encrypting files so they’re no longer accessible.
Victims will then be requested to pay a ransom for the decryption key, usually in Bitcoin on the Dark Web.
How do I avoid ransomware?
In order to prevent ransomware attacks, your business must be proactive in its approach to security.
Individuals at your company need to be aware of how ransomware works, so they can implement the proper procedures needed to stop it from occurring.
Take a look at 5 steps your business can take to prevent ransomware below:
Have a backup (+ Risk Assessment + BCDR plan)
Always ensure data is backed up. Whether you are still backing up locally, or you are using a Cloud solution, the software should tell you it has successfully backed up. After all, if it hasn’t backed up properly, you won’t be able to restore it.
If your main backup solution is still on-site, be sure to have regular copies going off-site. If something happens to your office and you cannot physically get to your backup device, how are you going to restore the data? Some ransomware is clever enough to find your local backups and encrypt them too. It is better to be safe than sorry.
Backups should also be scanned for infection. With these scans working in tandem with your email scanning (see next point), you are doing what you can to ensure infections don’t get onto your backups.
Risk Assessment – how are you going to know the risks your business is exposed to without spending time thinking them through? You need a documented list of all the risks your business is exposed to and how to deal with them. Most of these items will flow through into your BCDR Plan.
BCDR – Business Continuity and Disaster Recovery. You will need a written plan that everyone is aware of and that is regularly tested. Make sure you have all your bases covered. You need to think through all the possible scenarios of data, people, systems or site loss, etc., and plan for every eventuality so your business can either keep trading or at least be up and running again in a sensible amount of time.
Install Anti-Ransomware Software
One of the first things you need to do is install a ransomware protection tool. This provides a strong first line of defence on your system.
Go for a well-established brand that specifically gives ransomware protection – including proactive defence against zero-day attacks and a specially encrypted folder to keep your most important data safe. N.B. Most endpoint protection products do not actually prevent ransomware itself. You may need something in addition to your Endpoint Protection – a true ‘belt and braces’ approach.
Email security technology is also very important for preventing ransomware, as it’s commonly delivered through email. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content as well as scams such as Phishing and CEO Fraud/Whaling.
A decent solution will filter email communications through URL defences and attachment sandboxing to identify threats and block them.
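As an added illustration of what the attachment and URL checks in such an email filter actually look for, the following script is not the article's or any vendor's code; it parses a constructed message (the sender domain, addresses and the 203.0.113.7 test address are all made up) and flags the two most common tells in ransomware lures: an executable disguised with a double extension, and a link whose visible text names a different host from the one it really points to. The extension lists are a starting point, not an exhaustive policy.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath
from urllib.parse import urlparse

# Attachment types a mail gateway should quarantine when they arrive from outside
# the organisation (a starting list, not an exhaustive one).
BLOCKED_EXTENSIONS = {".exe", ".scr", ".js", ".jse", ".vbs", ".hta", ".bat",
                      ".cmd", ".ps1", ".jar", ".lnk", ".iso", ".msi"}
MACRO_EXTENSIONS = {".docm", ".xlsm", ".pptm"}
DOCUMENT_LOOKALIKES = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg"}

ANCHOR_RE = re.compile(r'<a\s[^>]*?href="([^"]+)"[^>]*>(.*?)</a>', re.IGNORECASE | re.DOTALL)
TAG_RE = re.compile(r"<[^>]+>")
IPV4_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")


def check_attachment_name(filename: str) -> list:
    """Findings for one attachment name: a blocked type, a macro-enabled document,
    or a double extension such as invoice.pdf.exe that masquerades as a document."""
    suffixes = [s.lower() for s in PurePosixPath(filename).suffixes]
    findings = []
    if not suffixes:
        return findings
    final = suffixes[-1]
    if final in BLOCKED_EXTENSIONS:
        findings.append(f"blocked attachment type {final}: {filename}")
    if final in MACRO_EXTENSIONS:
        findings.append(f"macro-enabled document: {filename}")
    if len(suffixes) >= 2 and suffixes[-2] in DOCUMENT_LOOKALIKES and final not in DOCUMENT_LOOKALIKES:
        findings.append(f"double extension disguised as {suffixes[-2]}: {filename}")
    return findings


def check_links(html: str) -> list:
    """Findings for anchors whose visible text names one host while the href points
    at another, and for links that go straight to a bare IP address."""
    findings = []
    for href, inner in ANCHOR_RE.findall(html):
        text = TAG_RE.sub("", inner).strip()
        href_host = (urlparse(href).hostname or "").lower()
        if IPV4_RE.match(href_host):
            findings.append(f"link to raw IP address: {href}")
        if text.lower().startswith(("http://", "https://")):
            text_host = (urlparse(text).hostname or "").lower()
            if text_host and text_host != href_host:
                findings.append(f"link text shows {text_host} but points to {href_host}")
    return findings


def screen_message(msg: EmailMessage) -> list:
    """Run the attachment and link checks over every part of a parsed message."""
    findings = []
    for part in msg.iter_attachments():
        findings.extend(check_attachment_name(part.get_filename() or ""))
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            findings.extend(check_links(part.get_content()))
    return findings


def screen_raw(raw: bytes) -> list:
    """Entry point for a gateway that receives the message as bytes off the wire."""
    return screen_message(message_from_bytes(raw, policy=policy.default))


def build_sample_message() -> EmailMessage:
    """Constructed example (not a real phishing sample) with the two classic tells:
    a disguised executable and a link whose text does not match its destination."""
    msg = EmailMessage()
    msg["From"] = "accounts@supplier.invalid"
    msg["To"] = "finance@example.com"
    msg["Subject"] = "Overdue invoice - action required"
    msg.set_content("Please review the attached invoice and confirm payment via the portal.")
    msg.add_alternative(
        '<p>Please confirm payment at '
        '<a href="http://203.0.113.7/portal">https://payments.example.com/portal</a></p>',
        subtype="html",
    )
    msg.add_attachment(b"MZ\x90\x00 constructed placeholder, not a real binary",
                       maintype="application", subtype="octet-stream",
                       filename="invoice.pdf.exe")
    return msg


if __name__ == "__main__":
    for finding in screen_raw(build_sample_message().as_bytes()):
        print("QUARANTINE:", finding)
```

A real gateway adds sandbox detonation and reputation lookups on top of these static checks, but the static layer is cheap and catches a large share of commodity lures before any user sees them.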
Train Employees and Educate Yourself
More often than not, a ransomware attack is down to poor human cybersecurity practices.
Ransomware makes the most of users’ inattentiveness.
Unfortunately, security software isn’t the be-all-and-end-all – human vigilance is vital for a secure system.
You, and your employees, must recognise the signs of an attack and follow some basic rules:
- Never click on unverified links
- Do not open untrusted email attachments
- Only download from sites you trust
- Avoid giving out personal data
Regular security awareness training can be the difference between a safe system and a vulnerable one.
Be Sure Systems and Software are Up to Date
Some programmes and software have automatic updates – others don’t.
Regardless, you must check all software connected to your business operations is kept up to date.
Attackers can very easily exploit vulnerabilities in out-of-date software.
Updates to your operating system and software will include new virus definitions, patches, and bug fixes – these are critical security measures that you cannot afford to ignore.
Ensure you can restore
We have already discussed the need for backups, but they are useless unless you are confident you can restore from them.
Work with your IT provider to ensure that regular restore tests are carried out. With ransomware often targeting your backups, you need to be confident you can restore quickly, without reintroducing infected data.
Don’t forget that a Risk Assessment and a tried-and-tested BCDR Plan are extremely important. If you don’t have one, or the task is too daunting, at least make a start – put something on paper.
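To make the "scan your backups" advice above and the restore-test advice in this section concrete, here is an added example (not the article's or any backup product's code) that runs the whole cycle on constructed sample data: it scans the source for plain-text files that already look encrypted before backing up, writes a hash manifest alongside a tar archive, restores into a scratch directory and verifies every file against the manifest, and finally simulates one file being overwritten with ciphertext to show both checks catching it. The entropy threshold and the extension list are assumptions chosen for the demo.

```python
import hashlib
import math
import os
import tarfile
import tempfile
from pathlib import Path

# Plain-text types that should never look like random bytes; one of these with
# near-maximal entropy has very likely been encrypted before the backup ran.
TEXT_EXTENSIONS = {".txt", ".csv", ".md", ".log", ".json", ".xml"}


def sha256_of(path: Path) -> str:
    # Files are read whole; switch to chunked hashing for very large data sets.
    return hashlib.sha256(path.read_bytes()).hexdigest()


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for empty or constant data, 8.0 for uniformly random bytes."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def looks_encrypted(path: Path, threshold: float = 7.5) -> bool:
    """Heuristic: a plain-text file whose first 64 KiB is near-random has probably been
    encrypted (English text scores around 4.5 bits per byte, ciphertext close to 8)."""
    if path.suffix.lower() not in TEXT_EXTENSIONS:
        return False
    sample = path.read_bytes()[:65536]
    return len(sample) >= 4096 and shannon_entropy(sample) >= threshold


def scan_for_encrypted_files(directory: Path) -> list:
    """Pre-backup scan so a job can halt instead of overwriting good copies with ciphertext."""
    return sorted(p.relative_to(directory).as_posix()
                  for p in directory.rglob("*") if p.is_file() and looks_encrypted(p))


def create_backup(source: Path, backup_path: Path) -> dict:
    """Archive `source` into a gzipped tar and return a manifest of relative path -> SHA-256."""
    manifest = {}
    with tarfile.open(backup_path, "w:gz") as tar:
        for file in sorted(p for p in source.rglob("*") if p.is_file()):
            rel = file.relative_to(source).as_posix()
            manifest[rel] = sha256_of(file)
            tar.add(str(file), arcname=rel)
    return manifest


def check_against_manifest(directory: Path, manifest: dict) -> list:
    """Return (path, problem) pairs for files that are missing or whose hash has changed."""
    problems = []
    for rel, expected in manifest.items():
        path = directory / rel
        if not path.is_file():
            problems.append((rel, "missing"))
        elif sha256_of(path) != expected:
            problems.append((rel, "hash mismatch"))
    return problems


def restore_test(backup_path: Path, manifest: dict) -> list:
    """Restore into a scratch directory and verify every file against the manifest."""
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(backup_path, "r:gz") as tar:
            # The 'data' filter (Python 3.12+ and backports) refuses members that would
            # escape the target directory; older interpreters extract without it.
            extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
            tar.extractall(scratch, **extra)
        return check_against_manifest(Path(scratch), manifest)


def run_demo() -> dict:
    """Constructed end-to-end run: clean scan, backup, restore test, then a simulated
    encryption of one file to show both checks catching it."""
    with tempfile.TemporaryDirectory() as work:
        source = Path(work) / "data"
        (source / "finance").mkdir(parents=True)
        (source / "finance" / "invoices.csv").write_text("id,amount\n1,120.00\n2,75.50\n" * 200)
        (source / "notes.txt").write_text("Quarterly planning notes. " * 300)
        backup = Path(work) / "backup.tar.gz"
        result = {"suspicious_before": scan_for_encrypted_files(source)}
        manifest = create_backup(source, backup)
        result["restore_problems"] = restore_test(backup, manifest)
        # Simulate ransomware overwriting a document with ciphertext (random bytes here).
        (source / "notes.txt").write_bytes(os.urandom(8192))
        result["suspicious_after"] = scan_for_encrypted_files(source)
        result["source_problems"] = check_against_manifest(source, manifest)
        return result


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Keeping the manifest with the off-site copy (and on media the backup host cannot write to) is what lets a restore test say "every file came back intact" rather than merely "the job finished".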
These are just some of the steps your business can take to implement IT security measures against ransomware attacks.
If you are looking for expert guidance on how to shore up your system against such cyber threats, or to create Risk Assessments or BCDR Plans, then get in touch with the team at Ingenious here or call on 020 3745 6630.