If the last few years in technology have taught us anything, it’s that nobody anywhere is safe from malware infections–especially if it’s ransomware. While 2016 proved to us that a botnet mixed with a high amount of poorly made devices can shut down the US’s internet in for a whole day, 2017 is proving that this is just the least of our worries.
Any device that’s connected to the internet is at risk of infection, because hackers have been more diligent than the companies that manufacture devices. The new trend in cybercrime is what’s called “ransomware,” a type of virus that locks up and encrypts your computer and files, and threatens to delete everything if you don’t pay the criminal in Bitcoin within a certain amount of time. Hospitals, due to the critical nature of their information infrastructures, are constant targets for criminals. Indeed, the world just narrowly missed being crippled by a gigantic outbreak, which was defused in somewhat of a fluke–but the potential for another massive cyber attack remains.
So what can you and your company do to prevent yourselves from becoming another cyber crime statistic? Here are the four steps to take to protect yourself from a ransomware attack.
1. Back Up Everything
The best defense against ransomware is preparation–because once you’re infected, there’s really nothing you can do short of paying the attacker’s ransom. Therefore, developing a good data recovery strategy is essential to protection from ransomware, and that begins with backing up anything that you can’t afford to lose. Ideally, you should be performing system backups regularly, as in every 24 hours if people are using your systems daily. In the case that you do fall victim to infection, do a system restore from your most recent backup and you’ll be right as rain–otherwise, you’re either going to have to pay, or stomach losing massive amounts (years-worth, potentially) of data.
2. Disconnect if Infected
If you do get infected, make sure that you or your administrators immediately shut down and disconnect most of your network. This includes Bluetooth and Wi-Fi on machines that were connected to the network previously, is more a measure of containment than anything. Your next move will be to see if Kaspersky Labs has documented the type of ransomware that you’ve been hit with and to check if they have a decryptor to unlock your files. If the strain of ransomware is documented, you may stand a chance of recovering those files without paying the ransom.
3. Patch, Block, and Invest in Security Products
Unfortunately, no security product is going to be able to stop every ransomware strain out there, because not all ransomware strains have been identified yet. However, some things like whitelisting software can help deter attacks by scanning a machine, noting the approved software that is already running, and then preventing any unauthorized software from installing or running.
Beyond third party security software, making sure to keep your own software updated and patched is crucial. Hackers are looking for vulnerabilities in every new piece of software that comes out, and once they are discovered and exploited, developers and software companies release patches to keep their users safe. Foregoing patches and updates is a surefire way to get infected on a connected device.
4. Educate Your End Users
Even though this is the last point on the list, it’s arguably just as important as any of the others, because it involves the gateway and progenitor of most company infections: the employee, aka the end user.
What most people need to know about modern day infections is that they usually begin with phishing attacks that involve links in emails from unknown senders. Even more insidiously, one new type of ransomware gives you another option outside of paying the ransom: infect other users yourself. While never perfect, educating employees to scan links and attachments for malware before clicking them can help to reduce infections drastically.
The reality is that most companies in the modern era will suffer an infection. It’s not a matter of “if” but rather or “when,” and since most companies are unable to do anything after they’re infected, everything about thwarting a cyberattack in the modern era comes down to preparation. Don’t get caught with your pants down, back up your systems, install your updates, and educate your end-users–your very business might depend on it.