Protecting your business from ransomware
Posted: Fri, 01 Apr 2016 14:55
How would your business cope if employees were suddenly unable to access computers, files, or your network? Your customer database, emails, and that critical project due by the end of the week: all locked.
Work would be brought to a halt, I.T. would be inundated with panicked phone calls, and your communications team would be in crisis mode. You might be willing to do almost anything to regain access to your critical files – which is why ransomware is a growing tactic for cybercriminals.
Ransomware blocks access to critical files or applications, usually by encrypting them, and demands payment to restore access. In some cases it's obvious to users that they're being held to ransom, but the messages often purport to come from governments, law enforcement, or even your own technical team, tricking users into paying the criminals.
Falling victim to ransomware creates a dilemma for businesses. Should you pay the criminals, with no guarantee they'll restore access, or should you refuse, go public, take the hit to your reputation and finances, and restore what you can from backups, but at least take control of the situation?
Clearly, the best approach is to avoid falling victim to ransomware in the first place. So, with cybersecurity firms warning of increasing ransomware attacks, how can you protect your business?
As with many cybersecurity threats, the answer is a combination of security software and education practices.
1. Keep software up to date
All businesses should use security software that protects against the threats which lead to ransomware infection: spam email, unauthorised access, unsafe websites, and unsafe files.
But installing this software is just the beginning. Cybercriminals and software vendors are locked in a perpetual race to stay one step ahead of each other in discovering vulnerabilities, with more uncovered daily. Keep your security software updated so that it recognises newly discovered threats, and, just as importantly, apply vendor patches promptly to operating systems, browsers, office suites and browser plug-ins: exploit kits on compromised websites target known, unpatched vulnerabilities in exactly that software.
2. Train staff to be vigilant around email attachments
The most common way for computers to become infected with ransomware is through staff opening unsafe email attachments, a trend cybercriminals are increasingly creative in exploiting.
Recent examples include emails appearing to be speculative job applications with attached CVs, and documents ostensibly from the CEO or senior management; but even files attached to gobbledegook emails are opened alarmingly often.
Banning email attachments altogether isn't feasible, and antivirus software isn't 100% effective at identifying malware, especially when it is hidden in seemingly innocuous files such as Word documents (via macros) or images. Combat this risk by training staff to recognise suspicious emails, to check that the sender's actual email address, not just the display name, is one they recognise, and to get verbal confirmation from the sender via a known phone number if any suspicion arises. Where your office software supports it, also block macros in documents received from the internet.
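The checks described above (is the real sender address one we recognise, does the display name claim a different address, is the attachment something that can run code) can also be automated at the mail gateway. The script below is an added example written for this page, not code from the original post or its author. It uses only the Python standard library, constructs two sample messages in memory (they are made up for the example, not real mail), and flags the warning signs. The trusted domains and the list of risky extensions are assumptions a real deployment would replace with its own.

```python
"""Triage incoming mail for the warning signs staff are trained to look for (added example)."""
import io
import re
import zipfile
from email.message import EmailMessage

# Assumption: domains this organisation recognises as its own or as regular correspondents.
TRUSTED_DOMAINS = {"example.com", "supplier.example"}

# Assumption: extensions that execute code or carry macros when opened.
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".jse", ".vbs", ".wsf", ".hta",
                    ".bat", ".cmd", ".ps1", ".docm", ".xlsm", ".pptm"}


def edit_distance(a, b):
    """Levenshtein distance, used to spot 'examp1e.com' posing as 'example.com'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain, trusted):
    """True for a one-character variation of a trusted domain, or a trusted
    domain hidden as a prefix of a longer one (example.com.evil.net)."""
    return 0 < edit_distance(domain, trusted) <= 1 or domain.startswith(trusted + ".")


def extension(name):
    """Last extension, lower-cased: 'invoice.PDF.exe' -> '.exe'."""
    return "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""


def attachment_names(name, data):
    """Yield the attachment's own name and, for zip archives, every name inside."""
    yield name
    if extension(name) == ".zip":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for inner in zf.namelist():
                    yield f"{name}/{inner}"
        except zipfile.BadZipFile:
            yield f"{name}/<unreadable archive>"


def triage(msg):
    """Return a list of findings for one message; an empty list means no warning sign."""
    findings = []
    addresses = msg["From"].addresses if msg["From"] else ()
    for address in addresses:
        domain = address.domain.lower()
        # Display name quotes one address while the real address is another.
        claimed = re.search(r"[\w.+-]+@([\w.-]+)", address.display_name)
        if claimed and claimed.group(1).lower() != domain:
            findings.append("display-name-address-mismatch")
        if domain not in TRUSTED_DOMAINS:
            if any(is_lookalike(domain, t) for t in TRUSTED_DOMAINS):
                findings.append("lookalike-sender-domain")
            else:
                findings.append("external-sender")
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        for name in attachment_names(filename, part.get_payload(decode=True)):
            if extension(name) in RISKY_EXTENSIONS:
                findings.append(f"risky-attachment:{name}")
    return findings


def sample_message(from_header, subject, attachments):
    """Construct a message in memory (constructed sample data, not real mail)."""
    msg = EmailMessage()
    msg["From"] = from_header
    msg["To"] = "finance@example.com"
    msg["Subject"] = subject
    msg.set_content("Please see the attached file.")
    for filename, data in attachments:
        msg.add_attachment(data, maintype="application", subtype="octet-stream",
                           filename=filename)
    return msg


def zipped(inner_name, inner_bytes):
    """Build a small zip archive in memory so the nested-attachment check can be exercised."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(inner_name, inner_bytes)
    return buf.getvalue()


BENIGN = sample_message('"Bob Jones" <bob@supplier.example>', "Quote for order 4411",
                        [("quote.pdf", b"%PDF-1.4 constructed sample")])

PHISH = sample_message('"Jane Doe jane.doe@example.com" <jane.doe@examp1e.com>',
                       "Urgent: CV for the role we discussed",
                       [("CV_John_Smith.zip",
                         zipped("CV_John_Smith.docm", b"macro document stand-in"))])

if __name__ == "__main__":
    for label, message in (("benign", BENIGN), ("phish", PHISH)):
        print(label, triage(message))
```

The "CV" message trips all three checks: the display name quotes a trusted address while the real domain is a one-character lookalike, and the zip hides a macro-enabled document. None of this replaces staff training; it is the same reasoning applied before the message reaches the inbox.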
3. Prevent access to unsafe websites and files
Another way ransomware finds its way onto your machines is when employees visit compromised websites or download unsafe files. We recommend limiting what sites staff can access so unsafe ones are automatically blocked, and only giving rights to download and install files to those employees who need them.
But even with these measures in place, employees often end up being granted admin rights when they really shouldn't, just for convenience's sake. An infection running with admin rights can disable security software and reach far more of the network than one confined to a standard user account, so convenience eventually turns into a cybersecurity incident.
Rectify this by making cybersecurity awareness a part of your business culture, ensuring people only have the access rights they need, and that they know what risks to look out for when browsing the web.
4. Implement a strong password policy
The above techniques are all designed to prevent cybercriminals from accessing your systems by the back door – but don't forget to lock the front with strong passwords.
A cybercriminal needs only one employee's password, combined with a login reachable from the internet such as webmail, a VPN or remote desktop, to get onto your network and install whatever software they want. Obtaining that password can be as simple as methodically trying the most common passwords, words from dictionaries with predictable substitutions and suffixes, or passwords stolen from another site where the employee reused them.
Prevent this by ensuring your employees understand good password practices: choosing passwords that are long and hard to guess rather than a dictionary word with a few substitutions, using combinations of lower and uppercase characters, numbers and symbols, and never reusing a password across different websites or systems, so that one breached site cannot unlock your network.
5. Make technical support the first port of call for problems
In the unfortunate event that one of your employees falls victim to ransomware, they're likely to be shown a message asking them to make a payment, click a link or call a phone number.
Genuine error messages would never ask for payment, nor would they include manipulative language that's designed to incite fear in the user, and your employees should be aware of this.
If they ever receive error messages, their first port of call should always be technical support, who will be able to determine if the error message is genuine, and what action should be taken.
We offer a range of specialist cybersecurity eLearning including comprehensive courses on Data Protection and Information Security, and multiple bitesize micro-learning modules covering cybersecurity issues including phishing, password setting and social engineering.
Our cybersecurity courses are available individually or bundled in our Compliance Essentials Suite, and include our Astute eLearning Platform making it easy for you to achieve 100% organisational compliance.