One of the most prevalent threats facing many businesses today is the threat of ransomware.
What is Ransomware?
Ransomware is a computer virus that can spread across your network, lock computers and encrypt your data, crippling your business until you pay the predetermined ransom for decryption. Usually, the attackers will request payment through cryptocurrency on a timely basis, and if it is not paid off, the data can be permanently lost/stolen. Even if the ransom is paid, your organization and all of your data is in the hand’s of the hacker. Once inside an organization, if the right protections are not setup, ransomware can spread from computer to computer until your entire network is locked up and all your important data is inaccessible. These attacks are getting more and more sophisticated and more popular over the past few years and can be potentially life-threatening to your business. Even worse, businesses such as hospitals, where human lives are dependent on computers and network devices can face enormous challenges if infected with ransomware. Hackers know how valuable your network and your data is and will charge as much as they think they can get paid from panicked and unprepared business owners.
How to protect your organization
With the threat of ransomware becoming more and more sophisticated, the protections that organizations must have in place are also becoming more complicated. This being said, having a basic cyber security framework for your organization will stop most threats. All devices on your network should have the latest OS and security updates installed. These devices should also have Anti-virus that updates attacks signatures on a regular basis. Malware is constantly changing and there are always new vulnerabilities to exploit. Using automatic updates and patch management for anti-virus and all exploitable software on the company network is very important. The IT or Security department should also have a record of every single device in the company connecting to the internet as well as information regarding it’s operating system and anti-virus.
Basic employee security awareness training can also be very helpful in protecting your organization. Make sure your employees can recognize potentially harmful phishing emails to stop the problem before it breaches your network. Read more on the importance of security awareness here.
Another important step in protecting your organization is backing up and encrypting your data regularly. All new and important data on your network should be backed up almost immediately to reduce the chances of it being lost. A very important, widely known concept in IT is the 3-2-1 backup rule for protecting data. Your data should have 3 different copies on at least two different devices and one of these should be kept off-site. This rule can help safeguard data from many unforeseen incidents, including ransomware.
Separating your network for computers and devices that do not need to communicate together can also pay benefits if your organization is ever breached. Ransomware can spread across a network very quickly, but if data is segmented across your network correctly, it can add a layer of resiliency to your business. Devices and data that is critical to your business needs to have extra layers of security measures in place for protection against malicious actors.
Always plan ahead! Does you company have a plan in place if it were to be hit by ransomware? Sufficient backups need to be in place if this were to happen so that the business can get back up and running as quickly as possible without jeopardizing your business. Infected devices need to be taken off the network as quickly as possible to limit the damage from an attack and keep the computer virus from spreading. Even after these devices are taken offline, extra precautions need to be taken to ensure that hackers do not have remote access to anything on your network.