Protecting your Business against Ransomware
How to increase your security and reduce the chances of a cyber-attack
Published May 16, 2017
The past month brought an increased interest in ransomware, a malicious program that targets vulnerable computers and networks, encrypts their data, and then demands an anonymous payment to unlock access to the infected computer. The ransomware program WannaCry has recently brought worldwide computer networks to a screeching halt, networks which include hospitals and government organizations. It also affected businesses. If your business runs on a non-updated computer or unsupported software, you may be considered vulnerable to WannaCry and other ransomware, not to mention viruses and data breaches.
Fortunately, there are ways to protect your business and reduce your risk of becoming a victim. While this is not meant to be an all-inclusive guide, these few tips can help you think more seriously about business security.
Update your tech
The WannaCry ransomware exploited a weakness within the Windows operating system that was patched – fixed via updates – back in March. Computers that ran on unsupported software like Windows XP or were not updated via Windows Update since the patch was released were the targets of this attack. Fortunately, for those computers that are still running Windows XP, Microsoft has provided a free security update. While upgrading to a still-supported system like Windows 7, Windows 8, or Windows 10 is the best choice if you would like to remain on Windows, downloading and installing the security patch is encouraged if you cannot upgrade from Windows XP at this time. If you are running a supported version of Windows, run Windows Update.
Practice or improve cyber awareness
While opening an attachment from a spam e-mail message or unknown address is a known bad practice, scammers and hackers are becoming more creative and their methods much more deceptive. Earlier this month, a phishing attack disguised itself as a legitimate e-mail from a contact in the recipient’s address book, impersonated Google, and attempted to gain access to the user’s Google Drive and Gmail account. This phishing worm replicated itself by sending out an e-mail to the now-infected user’s contact list and spread exponentially. While Google took action and had the situation under control within an hour, this attack reinforced the idea that constant vigilance is important when using/storing/accessing any data on the internet.
Use caution when opening e-mails, even if they are from trusted sources, and check website URLs before clicking links within an e-mail. Be sure to install a trusted antivirus and scan your computer weekly for malware, spyware, or other cyber intruders. Train your employees as well: one infected computer can bring down an entire network if certain vulnerabilities are found.
Back up your data. Then, back it up again
Oftentimes, the only solution to a ransomware infection is to completely re-install the operating system along with any other software that was on the machine. Doing a clean install can take hours or even days depending on how much data was lost due to the infection. By having multiple backups, including one local storage, such as an external hard drive, and one off-site server through a trusted hosting provider, the transition back to business-as-usual can be hastened.
While no security system is perfect, and new viruses, exploits, and worms appear daily, taking precautions can save you and your company thousands of lost hours and headaches. If you feel as though your computer or network was compromised, contact your IT department or provider immediately.