Ransomware is one of the biggest threats in today's digital world. It encrypts your files and holds them hostage until you pay the ransome. It is a billion dollar business that is different than any traditional digital attack.
Prevention is key.
The attack can come from many different sources. Having your employees trained on how to avoid and mitigate if they are exposed to Ransomware is key to minimizing the effect Ransomware can have on your company.
Training your staff is the first step. You can have the best IT vendor and all the bells and whistles of security features, but you are only as strong as your weakest link. Avoid suspicious emails and links. Don't open attachments from people that you don't know, or open an invoice from a company you have never heard of. They are using a phishing attack hoping that users will click on the links and open attachments. Because they are relying on the end user to execute their malicious code, they are going to make the link and emails look legit. If you are unsure, it's always best to consult with your IT vendor to ensure you are not exposing the company to a security risk.
Unfortunately even with all the prep and prevention, you are still at risk. If you open something and immediately realize it's malicious you should immediately shut the computer down or unplug the network cable. Because businesses typically have all data stored on shared drives on the server, that data can be impacted as well. So you can see how devastating an attack like this can have for businesses!
Your first goal should be to stop it as soon as possible to prevent as much damage as possible. The second step would be to call your IT vendor ASAP! They will need to remove the code, access the damage, and hopefully restore from backups! Third would be to let your staff know how you were exposed, so they are aware and don't fall victim to the same trap.
Always have a good backup solution. This is good practice in general. With technology being the back bone of businesses today, how would your company recover if they had a loss of data? From hardware failures, corruption, or security attacks like Ransomware, your data is at risk. It's important to decide how much data you can lose, and still recover. With that approach you can determine what the best backup solution would be for your business. For our average client, we recommend doing hourly backups with both onsite and offsite replication. This recommendation varies based on connectivity and hardware restraints, as well as client needs.
Having a good IT Vendor can make a difference! There is so much changing on a daily basis, that unless you are in the industry you just can't know everything. Having a good IT vendor should be a priority for businesses, let them focus on the technology so you can focus on your business.
Your vendor should provide the following services:
- Asset Management: Knowing what is connected to the network at all times.
- Hardware and Software Updates: Keeping everything upto date will minimize the security risk. Keeping patches upto date closes the door on some of your security risks.
- Backups: You should have a backup solution in place, and it should be maintained on a regular basis. We have seen many times with new clients where they thought they had a backup solution and they didn't. Your IT vendor should have backups as a priority and ensure their integrity!
- Security Appliances and Software: Your IT vendor should put in place every security feature they can within your companies budget. You should have a firewall and anti-virus. Whitelisting
- Restrict Admin Rights: No user should have Admin rights. Generally only the IT vendor and a management personel would have the admin credentials. By preventing users from being able to download as they please this will prevent most security risks.
- Disaster Recovery Plan: You are never free from risk, so you should always have a plan on how your business would handle and recover if you disaster struck!
How to Mitigate a Security Attack
Your business has limited choices if you are exposed to Ransomware.
- If it is a common malware, there may be decryption steps online.
- Restore from backups.
- Pay the ransom and hope you get the decryption key.
You can never be completely risk free, so prevention and backups are a must! Get a good IT vendor that can ensure you are protected, educated, and have a disaster recovery plan.