Protecting your business against ransomware is not only about investing in the latest security software, it requires good security practices and regular employee training. Read our top 10 tips to protect your business.
Ransomware has become the number one security concern for organisations. According to a survey by Osterman Research, 54% of businesses in the UK were targeted by ransomware last year. 58% of these businesses subsequently paid the ransom. Whilst small and medium sized businesses may think they are unattractive targets, this is not true. In reality, small businesses are often considered easier pickings with limited security provisions. How does this affect your business and what can you do about it? We shed light on the matter below.
What is Ransomware?
Ransomware is a type of malware that prevents or limits the use of your systems until a ransom is paid. Modern crypto-ransomware encrypts your files and requests an online ransom payment in return for a decryption key. There is no guarantee however that paying the ransom will get your files back. As always, prevention is better than cure.
How to protect your business?
Whilst justifiably a growing concern for businesses, the threat of ransomware is not insurmountable. As such, there are measures you can put in place to protect your business. Protecting against ransomware is not only about investing in the latest security software. It requires good security practices, regular employee training and a solid backup strategy. We offer our top 10 practical recommendations to protect against ransomware below.
Top 10 tips to protect against ransomware
- 1. Backup regularly and keep a recent backup copy off-site - this may be the only way to retrieve your data without paying the ransom.
- 2. Be careful about opening unfamiliar attachments - most Windows ransomware attacks are embedded in documents distributed as email attachments. Err on the side of caution and if in doubt, ask your IT support.
- 3. Limit administrator rights - don’t give employees more access than necessary and avoid browsing, opening documents or working whilst logged in as an administrator.
- 4. Update patches regularly - install patch updates as regularly as possible to reduce the risk of cybercriminals exploiting identified vulnerabilities in your software.
- 5. Increase employee awareness - educate your users on how to detect spear-phishing, social engineering and other suspicious websites. This will avoid them becoming the weak link in your systems.
- 6. Invest in layered security software - ensure you have up-to-date anti-malware and firewall software. Add additional layers of email and web protection as required.
- 7. Enable file extensions - this may require a change to your default Windows settings and will make it easier to identify less common file types.
- 8. Don’t enable macros - ransomware is often distributed via Office documents that trick users into enabling macros so don’t do this!
- 9. Segment the company network - separate functional areas with a firewall so that only required systems and services can be accessed.
- 10. Disconnect from Wi-Fi or unplug from the network immediately - If you run a file that you suspect may be ransomware, but have not yet seen the characteristic ransomware screen, act quickly! You may be able to stop communication with the C&C server before it finishes encrypting your files. Disconnect from the network immediately and you may mitigate the damage as it takes time to encrypt all your files. This technique however is not fool-proof. You might not be sufficiently lucky or able to move quickly enough, but disconnecting from the network may be better than doing nothing.
Summary
In conclusion, a multi-layered approach is key in how to protect against ransomware. Whilst security software is important, employee education and a solid backup strategy are equally important. Finally, it is worth remembering that it is illegal to pay a ransom used to fund or support terrorists. Whilst ransom payments in other scenarios are less clear, the recommended action is to consult with the police or other relevant law enforcement body, namely ActionFraud in the UK. For more information on how to protect against ransomware, please get in touch.