With the ever-increasing frequency in attacks, it's likely many of us will be targeted by ransomware
Because it’s relatively inexpensive to develop and launch
ransomware – and a single item of crypto-malware can generate massive revenue –
the volume of this type of attack is increasing.
When it comes to dealing with the risk of a ransomware
attack, you can choose either to cross your fingers and hope for the best, or
take active steps to mitigate the risks of being attacked and the possible
consequences
With the ever-increasing frequency in attacks, it's
likely that many of us will be targeted at some stage, so here are some steps
you can take to both reduce the likelihood of being affected by ransomware, and
lessen the impact should the worst happen.
Back up data regularly
Almost all businesses will already have data back up
policies. However, it's essential to back up data onto an offline backup
subsystem rather than just copying files to another ‘live’ system on your
corporate network, otherwise ransomware will be able to affect your backup
files. A ‘back up and disconnect’ policy is worth considering, so that data
isn’t being copied onto a permanently connected file server.
Personal users tend to back up on a more infrequent
basis, so it's important to establish a regular backup routine across all
devices. It's currently impossible to decipher files properly encrypted by
modern crypto-malware, so the only way to save your data from a successful
ransomware attack is through regular file backups.
Use a reliable security solution
There are a wide range of antivirus solutions available for
both business and personal use; see our recommendations for the best antivirus
tools available this year.
For businesses, an anti-ransomware solution that's able
to protect shared folders should also be considered. Some solutions leave hosts
inside the security perimeter unprotected, meaning that any cryptor penetrating
via email or a vulnerable browser will also affect shared folders on corporate
servers. Under this scenario, only server-side security software can defend the
data.
Whichever tool you choose, it should be turned on at all
times, with as many security layers enabled as possible.
Always keep software updated on all the devices you use
Ransomware doesn’t just affect PCs. Security software
needs to be able to protect Mac computers, virtual machines and mobile devices,
as well as email systems. Keeping this software up to date is a vital part of
remaining secure, as updates are regularly released to combat new strains of
malware.
Although it can be tempting to skip app and security
updates and install them later, it's easy to forget and updates for some apps
contain vital patches against vulnerabilities which could be exploited by cyber
criminals. Resist the temptation to ignore the update warnings to ensure device
apps are as up-to-date as possible.
Educate employees and IT teams
People are often the most vulnerable element. Businesses
should teach their employees about IT security basics, including raising
awareness of phishing and spear-phishing and the security implications of
opening any email attachment that looks suspicious.
There's no such
thing as being over-careful; even if an email looks like it's from a trusted
source, it's worth checking with a simple phone call to the sender if there are
unexpected attachments or links present.
Source
Comments
Post a Comment