Ransomware is malware designed to hold data hostage on a device and then demand a ransom to decrypt or recover files. Ransomware comes in multiple forms, ranging from variants that can be easily reversed by an experienced IT professional to those that encrypt files without prospect of recovery. Most variations, when installed, will display a message demanding payment and include instructions on how to pay. However, paying the ransom does not guarantee that you will receive a decryption key or other software to recover your files. It also encourages the criminals to continue their efforts. Ransomware has been a threat for several years, and concern has increased more recently given the sophistication of attacks, the software involved, and the severe risk of data loss.
Risk Reduction: Most devices are not immune to malware, and with the rising popularity of ransomware, the risk potential grows. Below are several methods that will help limit exposure and ultimately quell any threats.
- Limit Exposure
Educate users on potential threats and provide best practices when threats are encountered or suspected. Most ransomware is spread through email and files that seem legitimate. However, a closer inspection is a simple, yet effective response. Do not open, forward, or reply to email where the sender is unknown. In some cases, email can be spoofed and appear to be from a known contact or contain a subject, attachment, or link that appears urgent or important. The best practices to follow in this situation include:
- Ask an IT professional for advice and/or
- Delete the email.
If the email was legitimate, the sender can simply resend. No harm done. If it was a threat, the IT professional can assess the threat, scan your system for additional threats, and blacklist the sender to avoid future scams. If the choice is to delete, then a crisis is averted.
A companywide policy should be simple and easy to follow, yet completely cover all the various threat entry points, warning signs, and procedures. The policy should be endorsed and emphasized by all top management so that the importance of the security endeavor is stressed to all employees.
- Proactive Security
Keep security software up to date. An enterprise security solution may include an antivirus program where virus definitions are updated on a regular basis by a management server. This type of preventative maintenance is at the top of the list for simple and effective exposure limitation. Reviewing your security software on a regular basis will be rewarding in the long run.
If an enterprise solution is not an option for your organization, there are numerous flavors of low or no cost antivirus programs available. However, keep in mind that the cost of a solution is insignificant when compared to the potential impact of a disastrous ransomware attack.
Mobile devices can also be impacted. Only installing confirmed, qualified programs is your best method of prevention.
- Backup Everything
Backups and images. Although security software updates and best practices are essential, they don’t always protect you from the newest, most modern types of ransomware. An almost foolproof way of protecting data is to back it up and image your devices on a regular basis. An extensive array of enterprise backup solutions is available that allows for simple configuration and minimal maintenance. We recommend these solutions for environments and servers that contain essential files and services. Images will allow for a complete restore of a system with minimal downtime.
Cloud-based software is available to provide an additional layer of protection in case of total disaster, like a fire or flood. In addition, mobile devices typically have built-in software or services that can be used as an effective tool for remote employees.
Ransomware is a security threat that should not be taken lightly. The associated risk provides the impetus to follow the recommendations above and strengthen any security policies and procedures you currently have in place. A massive ransomware attack could cripple a company that is light on or unconcerned with security. Limiting risk exposure, keeping security software updated, and maintaining backups/images are three essential components of providing a long-lasting, highly effective, secure environment for a business of any size that wants to thrive in today’s complex web of cyber threats.