Looking for ways to proactively protect your business from ransomware?
Not all criminals steal corporate secrets or download financial information. Hackers have found a new way to make a dollar on the backs of small and large businesses alike.
And that way is through ransomware.
How Does Ransomware Work?
Once an attacker is able to install ransomware on a personal or business PC, hackers can begin to extort users to pay for access to their own computers. Instead of trying to make off with data that they can sell, they hold that data for ransom.
Their mentality is that if the data is valuable enough to be protected by layers of security, then surely it is valuable enough that the business would not want to risk its loss. And the business may even pay for its safe return.
Ransomware is virtual kidnapping.
This is the idea behind ransomware – an insidious form of malware which has seen a huge upturn in use over the past several years. Whether the data is personal files, business or accounting information, or a set of passwords, data can be incredibly valuable to its owner.
And anyone can be a target of ransomware, as evident by an ransomware attack over the holidays to an unpatched PulseSecure VPN with Travelex.
It doesn’t matter if you are a small business, a casual computer user, or a corporation with security in place. If there is a weak link in the chain, an attacker can compromise a system and wreak havoc against your business.
Ransomware attacks take the same form as many other hacking attempts. They often occur through phishing emails or rogue downloads that may look like official releases.
All it takes for ransomware to take effect is that an executable is able to run on a computer.
Ransomware attacks can be fast and deadly, quickly encrypting all files on your computer or even worse, your organization. User’s often restart their PCs or turn them off instantly, and hackers have even added a function to deal with this. Most of the time files won’t be encrypted until the computer or server is restarted, effectively locking the user out of the entire system.
Liquid Web’s blog is full of useful tips on how to secure your infrastructure. Subscribe now to get the latest right into your inbox.
Now that we are aware of the dangers of ransomware, how can we protect ourselves from it and secure our systems and users in a way to lessen the risk?
Ransomware: How Can You Protect Your Organization
Keeping your business and technology secure starts with a few basic things– having virus and spam protection on all corporate devices, for example. But just because some of the measures we take seem like common sense, there is no single foolproof method to protect your company.
However, incorporating these steps into your business-wide security practices will certainly help you avoid disastrous and unexpected situations.
Here are a few steps you can take to reduce the risk of your data being held for ransom.
1. Keep All Systems Up To Date
Security patches and updates are vital for security in our tech-driven world.
Unless you know that an update will absolutely brick your system, you should always be applying the latest patches and updates for software and operating systems. Outdated or unpatched systems represent a huge security risk for your business, even though it can easily be avoided.
Most attackers go for “low-hanging fruit”. Systems that are connected to the internet and don’t have the latest updates and patches are the first targets.”
Hackers most likely didn’t target you or your business directly to find a vulnerable computer; your PC may have been one of many random targets a hacker is randomly attacking.
2. Educate Your Employees
Something as harmless as opening a suspicious email attachment can wind up infecting your entire network with ransomware.
It’s imperative that you instruct your employees on how to recognize phishing attempts and what could be a malicious email or application. The more they understand the threats facing your business, the less likely they will be to put you at risk unintentionally.
Educating employees on proper security practices and guidelines for your organization can help stop a dire situation from happening, and get any suspicious activity in the hands of your security team. Even the best antivirus programs will not detect every threat, so a well-versed employee is one of the most effective measures to prevent the threat of ransomware.
3. Secure Your Server and Email
Even educated employees can make mistakes, and the more you can do to prevent those mistakes, the better.
By incorporating anti-spam and anti-virus solutions into your email server and networked computers, you have a tool that can automatically detect and block bad attachments and executables from being downloaded or running.”
While this will not guarantee that you will avoid infections from ransomware, it can go a long way in protecting even the most vulnerable systems.
Reducing the amount of incoming spam will help your organization lower the amount of times that risky attachments ever get to your user’s mailbox. This lessens the chances that an employee can even make a questionable decision.
Having anti-virus installed works much the same way. Up-to-date antivirus software can detect malicious executables before they are ran on a system, stopping a bad attachment that was downloaded, for example.
Antivirus and spam protection is never foolproof, but can be a last line of defense if an attack was imminent.
At Liquid Web, using our proprietary ServerSecure software and additional antivirus solutions can help protect and remediate systems from the dangers of ransomware.
4. Avoid Unsecured and Public Connections
An unsecured wireless network can be an open door into your organization’s network.
According to research from Kaspersky Labs, 24.7% of WiFi hotspots do not use encryption at all, and another 2% use WEP – which is functionally the same.”
If your employees access business resources through these unencrypted networks, it would be easy for an attacker to install malicious files to your servers.
Giving employees a secure means of remote access is important, whether you need to use SSH, VPN, FTP, or RDP. That way, even if a user accesses business-resources from an unsecured connection, there is a secure and encrypted layer between the insecure network and potentially malicious attackers.
VPNs are a common way companies navigate these risks.
A secured VPN connection puts another secure server in between user’s and your network’s resources. Your IT team should be able to handle this setup.
5. Backup Your Data – And Protect Your Backups Off-Site
Backup servers are the bane of ransomware developers. With a working backup, ransomware is no longer effective.
If you have reliable and automated off-site backups of your data, even if a hacker encrypts everything on your server, you have daily or hourly copies stored on another network via encrypted channels.
If an attack takes place and compromises your network or a handful of computers, you can immediately take everything offline, secure your network by updating passwords and firmware, and restore your last unaffected backups.
By downloading and scanning your backups for problems, or by identifying how an attack occurred, you can safely and securely bring your old files back and not lose more than an hour or a day’s worth of data.