You hear about it all the time, from your tech people to the evening news. Ransomware attacks seem to be everywhere, and it seems like there’s a new and nastier version out every day. The truth is that ransomware is very popular with criminals and it can be very difficult to beat once you’ve been infected. It is possible to prevent ransomware from getting onto your network in the first place and perhaps reset your system if you do get infected. Here’s what you need to know:
What is ransomware?
As a concept, ransomware is fairly simple. A criminal uses a piece of email that prompts someone to open a link or download an attachment to carry out the attack. The malware at that link or in that attachment contains instructions to encrypt the entire network. As the malware crawls over the network, it locks down all of the files, the software – everything.
A message appears on all of the infected screens that tells the owner to call a number or send money to an account number. In exchange, the criminals will send or apply an encryption key that will release the data.
The encryption system that they use is nearly unbreakable, being the same level of encryption that most banks and military installations use.
Why are ransomware attacks so popular?
One reason that ransomware has become so popular is that there are automated ransomware designers on the dark web. Anyone can go to one of these designers-as-a-service and create ransomware that they then deploy to the world. Ransomware is also popular for another reason: it gets cash for the criminal. Once you’ve paid the ransom, they might release your computers. You have no guarantee – and they’ve gotten away with your cash.
As much fun as simply destroying things is, the bad guys like getting money even more. There are even some indications that ransomware attacks are being used to fund terrorism and drug cartels.
Avoiding ransomware attacks
Over 90% of ransomware ends up in your network via email. It can be business email accounts or personal email accounts. Once someone has accessed that email and either downloaded an attachment or clicked a link, you’ve got ransomware in your network.
There are a number of steps that you can follow to prevent ransomware from ever making it onto your network:
Most importantly, educate your people to never download anything unless they are 100% positive that they know where the email comes from. They should never open unsolicited emails or follow instructions in an email that seems out of place.
2) Next Generation Anti-Virus
Use a “next generation” antivirus program. Most anti-virus programs wait for an update to protect you from a new threat. Those downloads need to be prompted by the company that made the software. With next-gen antivirus, the system updates itself by tracking activity around the world 24/7 as well as actively scanning your network all the time rather than being activated by a user or the clock. Furthermore, most next-gen antivirus programs are cloud-based so any program updates can be handled instantly by the provider.
3) Regular and Consistent Backups
Make sure you back up at regular intervals. While most people know that they should back up their systems, few individuals and small businesses actually do. Larger businesses have begun to catch on. If you have a backup of your system that is current enough, your tech people can scrub your system and restore you to just a couple of hours before the attack.
4) 24/7 Monitoring
Get constant monitoring. Hire an outside firm or create an in-house team to monitor your network 24 hours a day. It can make a huge difference. They will be able to spot an attack, often before anyone else notices, enabling them to stop it before it spreads too far. This type of monitoring is especially effective against brute force attacks, where a hacker attempts to enter your system from the outside.
What to do when your system is held ransom?
If your system is infected, you’ll usually see the ransom message appear on one screen first, then another. The good news is that, if you are lucky, there might be a way to recover your files without paying the ransom.
Worst case scenario: you need a technology team to reset your computers and network.
The most important point
This is the most important point of them all: with proper security awareness training, your company can avoid 90% or more of ransomware attacks. That is why security awareness training is crucial for your business!
Your employee security awareness training should include:
Building awareness of the different types of scams out there: phishing, whaling, spear phishing, and more. With frequent news of cyber security breaches and hacks, one would be forgiven for thinking that people would know what is out there. But generally they don’t. And with businesses having security software and various technical precautions, people may think they are pretty safe. But a lot of security breaches happen because of human mistakes that security software, no matter what kind, can’t do anything about. Furthermore, security breaches in businesses often originate with the hacker gaining access to an employee’s private account, and from there getting into the business network. Therefore, the importance of effective cyber security awareness training for your employees cannot be overstated.
Know what to do in case of a ransomware attack. Computers and networks that are turned off don’t spread infection. You’ll want to listen to your own security staff, but for the most part, turning everything off is the first step once you discover you’ve been hacked.
Train your staff on the importance of email and social media policies. The policies that are put in place are designed to protect not only their devices but the company’s network overall. Make sure they are clear on what to do and what not to do.
Ransomware attacks and the 21st century
The idea that anyone with internet access and the ability to get to the dark web can create a ransomware program means that it’s likely that this type of activity won’t stop any time soon. Proactive efforts could save you and your organisation a lot of pain and hassle.
Ongoing education, next-generation antivirus protection, and cloud-based email programs are a significant leap forward in protecting your business. And, once again, education, education, education!