As cyber criminals get craftier by the day, the pressure to protect our data from them gets heavier as well. Criminals attempt to hack into your system through malware, and ransomware is just one of many.
What ransomware does is encrypt the victim’s data once it’s infiltrated the system.
The victim will not access their data unless they pay the ransom.
The only remedy for this problem is to implement ransomware prevention solutions such as staff training, data backup, up-to-date software, and restriction policies. This is to prevent ransomware and other types of viruses from spreading throughout your network and disrupting your business.
In this article, we'll cover critical ransomware prevention tips to protect your data from criminals.
Paying the ransom should never be an option.
According to the Australian Cyber Security Centre (ACSC), there is no assurance that you’ll get your data back even after paying the ransom. When you pay the ransom, you either receive the decryption key or never receive one at all.
Experts say that businesses should never pay the ransom.
Although data loss can create problems for a business, financing their business model would only encourage cyber criminals to keep doing illegal activities and increase ransom demands.
To help abolish the ransomware business model, you should:
- Never pay the ransom
- Implement strict security measures into your business operations
- Establish data backup in case of an attack
You might be at risk of ransomware.
According to a report by the Australian Institute of Criminology (AIC), there was an increase in ransomware attacks on small to medium enterprises (SMEs).
They’re now twice as likely to become victims of ransomware attacks compared to recent years. Ransomware victims also vary by industry. This statistic, along with the increase in ransomware attacks due to employees working from home, has led to the overall increase of ransomware victims across Australia.
Ransomware can infect your computer through different channels. Ransomware usually spreads through phishing emails, malicious websites, pirated software, and software vulnerabilities. Without taking extra precautionary steps, such as network segmentation and software restriction policies, criminals can move freely throughout your system, take hold of your data, and demand ransom.
Ransomware Prevention Tips
The best way to protect yourself and your business against ransomware are always through prevention.
Reducing your risk to ransomware is never an easy task, but your data is indeed worth the effort.
Below, I’ve highlighted the top ten ransomware prevention tips that encompass different aspects of your IT that should give you a head you a big head start against malicious actors.
1. Implement company-wide security awareness training.
Awareness of ransomware and other malicious software should be at the top of your cyber security checklist.
You have the most sophisticated IT security in the world, but your employee, unaware of the existence of phishing emails, got one on their work email.
Ignorant of the consequences, they opened the attachment and activated the ransomware on their work computer, encrypting all their data and locking them out of their system.
The scenario above is an example of a lack of security awareness training among employees. It only takes one person to open your business to various cyber threats and security risks.
To prevent a ransomware attack like the scenario above, conduct security awareness training sessions for your employees at least twice a year. This company-wide effort should educate your staff about the potential dangers on the internet, how to spot them, and the appropriate action plans in case of a breach. Lastly, create simulations to test your employees’ familiarity with malware attacks, especially phishing emails.
2. Keep (offline & virtual) backups of your data.
Although we're fans of virtual backups, relying on them alone might do more harm than good.
Having multiple backups, ideally, a USB drive that’s stored and secured offsite is a great option to have in case your live and virtual data is held for ransom by malicious actors.
Your offsite backup will help you get your business up and running again after you’ve wiped your system clean of ransomware. Backups are one of the most reliable ways to recover from ransomware without giving in to ransomware demands.
3. Know everything in your network.
What hardware and software assets do you have in your network?
Keeping an inventory of every device and application in your network will help you identify the infected machine and isolate it immediately. This way, you can prevent the ransomware from spreading throughout your network.
This process will also ease up your efforts on keeping hardware and software up to date. To do so, build a comprehensive list of your network inventory so you can easily track the assets that need updating.
4. Ensure operating systems, software, and applications are updated.
Software companies implement patches and updates to their products to fix issues, such as security vulnerabilities. We recommend that you enable auto-updates on all your software and applications, so you’ll automatically have all the latest software version updates.
By not updating your software programs with the latest patches, cybercriminals will find vulnerabilities in a piece of code. This process will allow them to install ransomware or other types of viruses into your machine. That’s why you need to ensure that you’ve taken care of all possible security vulnerabilities on your cyber security plan.
With this, you can focus on alleviating the problem in case of an attack.
5. Think before you click.
Malicious links are not only spread through phishing emails. They can also spread via social media sites and text messages.
If your account’s been hacked, your contacts will get weird messages from you containing links to malicious websites. The best defence against this is to not click on any suspicious links, even if they’re from a family or work colleague. If you’ve checked the link and still have second thoughts, reach out to them through a different communication network to verify its authenticity.
6. Keep spam at arm’s length with anti-spam and filters.
Ransomware and its variants are usually spread through emails pretending to be attachments. They might come in either Excel spreadsheets, Word documents, PDF files, and Zip folders. The usual file formats businesses use regularly. Take note that they can also come in other file types.
The best way to prevent this ransomware attack is to turn on your anti-spam filters and configure your mail server to block emails that contain specific file extensions or attachments that contains malware. Doing this will effectively block phishing emails. This is most effective if used alongside a threat intelligence platform, which will track and organise threat intel data.
7. Be wary of suspicious email attachments (even if they’re from your colleagues).
More and more people are falling victim to phishing emails.
Cybercriminals are clever.
They create socially engineered emails pretending to be a government agency, law enforcement, bank, or even someone you know to get you to open the attachment and activate the ransomware on your computer.
Their emails usually create this sense of urgency to panic the receiver and get them to follow their demands right away.
To prevent this ransomware attack from spreading into your network, you will need to be very careful with email attachments – even if they pass your anti-spam filters. You can verify these to the sender by reaching out to them via a different communications channel if the email was legit or not.
8. Implement Password Management 101.
Are you sure your account credentials are safe and secured?
Did you know that 90% of small and medium businesses have some combination of stolen account credentials for sale on the Dark Web?
To reduce the chances of hackers successfully infiltrating accounts and confidential data, businesses must strengthen their IT security. Shockingly, it mostly starts with proper password management.
Use strong and unique passwords.
We recommend that you use strong and unique passwords for each of your accounts. Preferably at least ten characters long with a combination of uppercase and lowercase letters, numbers, and symbols.
This way, hackers will have a hard time decoding your account, and you have fewer chances of being a victim of brute force attacks.
If your password is predictable and altogether weak, your account will surely be one of many that will be hacked or sold on the dark web. Aside from initial brute force attacks, hackers can even deploy secondary attacks which will end up accessing the network where they will establish the ransomware.
Use multi-factor authentication.
Remember that annoying code that you must enter after logging in?
Well, that code is the one that protects your account from unwarranted access and other types of attacks.
Even if cybercriminals have your credentials, they still won’t access your data since the system will require another set of authentication codes only sent to your email or phone number.
9. Only use remote services when necessary.
Since there was a rise in remote desktop protocol (RDP) users, there is also an increase in ransomware attacks through remote services. It’s best to disable remote services to prevent hackers from executing remote ransomware attacks on your network.
In case you need to use RDP, change the default port 3389. Create a private port that is password-protected to prevent any unauthorised access from deploying anything (such as ransomware) into your network. Limit access to these ports as well. Only share them with trusted employees.
To be extra sure, check with your IT service provider for any unused RDP ports in your cloud environment settings as well.
10. Keep an eye out for threats and suspicious activities.
Constant monitoring is also a key component of ransomware prevention.
Implementing various security solutions into your business, such as anti-virus, backup, and cyber security awareness is only the first part of a long battle against ransomware attacks.
Coordinate an incident response plan with your IT department. Figure out the ideal responses just in case your business is hit with an attack to minimise damage as much as possible.
Always be on the lookout for any possible threats or suspicious behaviours that might compromise your data security. Use monitoring tools and scanners now and then to find any dormant malware hiding in your system just waiting to attack.
Now that you already know the best defense against ransomware, the only problem that remains is where you start.
There are a lot of things to consider when it comes to cyber security.
Let our cyber security experts guide you to the right path. Signup for a complimentary IT Health Check here.
Our experts will help you find technological vulnerabilities, provide you with a business IT risk assessment, and a mitigation plan to protect you from cyber threats like ransomware.