Ransomware attacks can hit any business. It doesn’t matter how big you are, how small you are, what you do, whether you’re public or private. If you have any type of data, you’re at risk. You could be targeted, your data could be locked away behind an encryption key, and you might be left with no choice but to pay the ransom sum.
There is never going to be a totally fool-proof way to protect against ransomware. But you can get close. These are some ways to protect your organisation against ransomware.
We’ll start with perhaps the most important tip of all. It’s something you should be doing anyway, regardless of the ransomware threat possibility. And that’s backing up the data. Your backups need to be frequent and frequently tested. It’s all well and good thinking everything is fine, but have you actually checked the backups are functional and good to recover from? Also, make sure those backups are useful – make sure their separate from your primary systems, have inbuilt redundancy, and that you know how to recover from them.
Not only should your backups be secured, but so should every device in your structure. Keep all the software updated to benefit from the latest security patches, run antivirus to detect and destroy any threats, and keep a strong firewall. If there’s a week device in your operation, it will be targeted. Everything needs to be up-to-date.
You should also look at disabling any processes that you don’t need or could do without. Volume Shadow Copy Service is a common Windows service that gets used in ransomware attacks. You might also want to look into disabling things like Windows Script Host, PowerShell and file sharing. Only critical services that serve a purpose should be enabled.
On that note, you can have the most secure devices in the world, but they could still be compromised if your employees aren’t aware of threats. They should not reveal their personal information to those they don’t know. They should know how to recognise suspicious emails. Things can sneak through your layers of protection, so test your staff regularly on this. Send out fake phishing emails and track how many people click through.
If your staff are outside of the office network, get them to use a VPN to connect to any data or systems that they need to access. Communications can be hijacked, so it’s best to route all networking through a central business VPN to reduce the chances of that happening.
Finally, if you do suffer a ransomware attack, paying the ransom should be your last resort. Even if you do pay the ransom, there’s no guarantee that you’ll actually get your data back. The attackers are under no obligation to do anything. Paying it also fuels ransomware attacks for other businesses because the attackers know they can get a pay out. If you’ve followed the above advice, you should be in a strong enough position to not have to pay and restore from your backups.
This is How to Protect Yourself From Ransomware Attacks
No comments yet. Sign in to add the first!