Not every criminal is interested in stealing corporate secrets or downloading financial information. There are some who have little interest in navigating their way through the countless security walls put up by most businesses. They have found a much easier way to turn a profit -ransomware.
Instead of trying to make off with data that they can sell, they hold that data for ransom. If it is valuable enough to be protected by layers of security, surely it is valuable enough that a business would not want to risk its loss, right? In case you were wondering, the answer is yes – emphatically.
This is the idea behind ransomware – an insidious form of malware which has seen a huge upturn in use over the past several years.
“Ransomware is fast becoming a ubiquitous security threat, with nearly 40% of all businesses experiencing an attack in the past year, according to research from computer security firm Malwarebytes,” writes The Guardian’s Alex Hern. “Although not new, ransomware has rapidly risen in popularity as a method of attacking businesses and other organizations.”
Aside from the obvious steps – virus and spam protection on all corporate devices, for example – here are a few steps you can take to reduce the risk of your data being held for ransom.
1. Keep Your Systems Up To Date
Security patches and updates exist for a reason. Unless you know for a fact that an update will brick your system, never avoid applying one. Outdated or unpatched systems represent a huge security risk for your business, albeit one that is easily avoided.
2. Educate Your Employees
Something as harmless as opening a suspicious email attachment can wind up infesting your entire network with ransomware. It is therefore imperative that you instruct your employees on how to recognize phishing scams, as well as malicious emails or applications. The greater their understanding of the threats facing your business, the less likely they will be to put you at risk.
3. Secure Your Email Server
Even educated employees can make mistakes, and the more you can do to prevent those mistakes, the better. Incorporate antispam and antivirus solutions into your email server that automatically detect and block bad attachments and links. While this will not guarantee that you will avoid infection via ransomware, it can go a long way toward doing so.
4. Avoid Unsecured Connections
An unsecured wireless network can effectively function as an open door into your business’s firewall. According to research from Kaspersky Labs, 24.7% of Wi-Fi hotspots do not use encryption at all, and another 2% use WEP – which is functionally the same. If your employees access business resources through these networks, it will be a simple task for an attacker to install a nasty surprise on your server.
Giving employees a secure means of remote access is important, whether via SSH, VPN, FTP, or RDP.
5. Backup Your Data – And Protect Your Backups
Backup servers are the bane of ransomware developers. If you have reliable, automated off-site backups of the data a malicious program has encrypted, you can wipe the system, figure out how the infection happened, and prevent it from happening again. Then, it is simply a matter of re-downloading the data and re-installing your applications.
Inconvenient? Certainly. But much less so than having to pay a sum to a hacker.
Don’t Let Your Data Be Held For Ransom
Ransomware is a rising threat impacting every business and user on the web – and Liquid Web can help you protect your business from it. Our Virtual Private Servers offer all the security and power of a dedicated server with the flexibility of the cloud. And our ServerSecure service allows your business to tap into our security expertise, keeping your data safe and leaving you free to focus on what you do best.