Encrypting your precious data and demanding payment for its release, hackers are using ransomware as yet another way to fleece unsuspecting businesses.
Too boring to be suspicious
Ransomware comes in different forms. However, the basic game plan is always the same: hackers aim to trick someone in your organisation into opening an infected attachment or clicking on a malicious link.
Rather than trying to entice victims with a promise of riches that sounds too good to be true, hackers instead rely on spoof emails that seem too mundane to be fake. They often masquerade as unpaid bills or outstanding fines. They hope that you’ll take the bait without thinking twice.
This approach makes ransomware detection difficult using traditional spam and malware filtering alone. Scams can blend in among the legitimate bills in your inbox.
As with many security threats, your people are the weakest link in the chain. However, they can also be your last line of defence. Your ransomware protection efforts should include awareness training to help your staff identify scams. You should also have processes in place to ensure requests for payment are forwarded to authorised finance staff. These staff should be well-versed in the tricks employed by scammers.
Strengthen your defences
It’s important to keep your spam, malware and virus protections up-to-date. Additionally, you should install the latest updates and security patches on your machines. Some ransomware variants rely on known vulnerabilities in Windows that have already been patched by Microsoft.
Limiting user permissions on staff computers, rather than granting everyone Administrator rights by default, can also help limit the damage caused by ransomware. Building on this, you might employ perimeter ransomware protection, including Unified Threat Management for inbound and outbound protection.
Backups are your ransomware insurance policy
Once ransomware gets a foothold on a computer, it starts encrypting important files, like Office documents. It might also attempt to spread throughout your organization. It does this by infecting other computers and servers as well as attached storage and network drives.
Should your business fall victim to an attack, you don’t want to hand over your money. Doing so would just embolden scammers to continue with such attacks. There’s no guarantee they’ll actually relinquish control of your files.
The best response is to roll back time, putting your disaster recovery plan into action and restoring your computers to a previous state. At this point you can recover your files from backups and get back to work.
Of course, if you only back up your important files once a week, then you’ve still lost a week’s work. This can be a major blow to the business. That’s why you need a more robust, business-grade backup system that minimises downtime and reduces the amount of work lost if you’re forced to call upon your backups.
Your backup regime also needs to include off-site backups. These protect against ransomware as well as disasters like fire, flood or theft that might strike your office and claim on-site backups.
As the threat continues to grow, it’s vital your business takes the time to prepare for the worst. It’s too late to put ransomware defences into place after it gets a foothold in your office.
Want to improve ransomware detection and ransomware protection in your business? Contact TechBrain today!