How to avoid ransomware attacks: 10 tips
Ransomware attacks – an especially sinister type of malware often delivered through spear-phishing emails that lock up valuable data assets and demand a ransom to release them – are a rapidly-growing security threat. We all remember what happened with the Wannacry attack on the NHS back in 2017. But large organisations are not the only targets for ransomware attacks. SMEs have also been targeted; we just don’t hear about it in the news.
So what can you do to prevent an attack? Well, not much – but you can make it harder for an attack to succeed.
To prevent a ransomware attack
- Keep an inventory of your computers, software and other IT infrastructure. Large businesses have these to support their accounting practices; we as SMEs should have the same. Knowing what you have and where it is located means attackers can’t attack a system you don’t know about.
- Patch operating systems, firmware and software applications. Wannacry was successful because of a known security vulnerability in an application for which a patch was available but had not been applied
- Back up all information every day. Include all the computers and servers on-site and employee devices (if they are allowed to use their own). In case of a successful attack, you can recover this information.
- Back up all information to a secure, offsite location – standard best practice for backups.
- If you have employees or other people working in your business, split up your network and data storage so that data is only accessible to people who need it.
- Train staff on cybersecurity practices. Attend one of our Cybersecurity seminars.
- Have an internal communication strategy: Let your staff know if an attack breaches your network.
- Before an attack happens, decide what your response will be. Will you pay the ransom, or have you a plan to recover some other way. This decision should be part of your business continuity plan.
- Run a test. Pretend that there is an attack and test your business continuity plan.
- Get penetration tests performed on your computer network, Wi-fi network and websites – then patch the vulnerabilities found (there will be some!)
Mitigating an attack
If your company is hacked with ransomware, you can explore the free ransomware response kit for a suite of tools that can help (update: it now looks like you have to register for a free account to access this kit). Other things you can do include:
- Research if similar malware has been investigated by other IT teams (update – contact your local Cyber Resilience Centre, they may be able to help). It may be possible to decrypt your data on your own.
- Remove the infected machines from the network so the ransomware does not use the machine to spread throughout your network. This also applies to any computers that get infected with any virus.
- Make an official investigation. If possible, do not pay the ransom as it only encourages the attackers to come back and try again.
This article is based on TechRepublic’s “How to avoid ransomware attacks: 10 tips”