A recent blog post reviewed what Ransomware is, how it is deployed, and the types of attacks that can occur. Essentially, it is a type of cyber-attack that can lock up your computer screen, your mission critical files, and the data that your company depends on daily.
The only way you can ever hope to recover your files is to pay a ransom to the cyber attacker. Here’s the tricky part; simply paying in hard currency is not enough – it must be paid in a crypto currency like Bitcoin. By paying with a virtual currency, the cyber attacker almost guarantee’s their tracks can’t be traced.
Here are some ways you can protect your business from a Ransomware attack:
1. Always back up your data:
This should be a no brainer, as it is one of the oldest mantras in the world of cybersecurity. There are various methods to backing up your data. For instance, you can have both an on premises and off premises solution. Depending upon the size of your data and files, it is recommended that you have both. With an on premises solution, it is highly recommended that you keep this backup in a different physical location, using the Cloud is a prime choice. Equally important is to make sure you back up all your mission critical files daily, if not more. So if you ever become a victim of a Ransomware attack, all you need to do is procure another computing device(s) and restore your files from the backup.
2. Do not open up any suspicious links or attachments in your email:
Believe it or not, phishing emails are still one of the most favored techniques of the Cyber attacker. Therefore, as it has always been said, do not click on any suspicious links or open any kind of email attachment that you are not expecting. Be especially careful of file extensions that end with .DOC, .PPT, and .XLS. It is also important to keep in mind, that a Cyber attacker will very often use the name and email address of an individual in your electronic address book, to make the fake email look legitimate. If you receive an email you weren’t expecting, always contact the sender to confirm he or she actually sent it. If they did not, delete it immediately! This also goes for those pop-up messages that appear in your web browser. They often make use of scare tactics so that you will be tempted to click onto the link that is embedded into them. Very often, these links contain the Ransomware .EXE files which will very quickly find their way into your computer if clicked on.
3. Keep your computer updated:
It is always important to keep your servers, your computers, and your wireless devices up to date with the latest software patches and upgrades. True, it may be a pain doing this, but doing so will pay huge dividends in the end. Apart from this, there are other preventative measures that you can take:
- Always keep your Adobe Flash Player, and other Java based web browsers up to date. This will help to prevent any kind of “Exploit Kit” Ransomware attacks from occurring.
- Disable the VSSADMIN.exe file. This is an obscure file in the Windows OS designed to administer what is known as the “Volume Shadow Copy Service.” This is used to keep a version history of files in your computer that are not used very often, or that are deemed to be arbitrary in nature. Since very few people use this tool, it has become a favored avenue of the cyber attacker.
- Disable the other automated services in the Windows OS; Script Host, Power Shell, Auto Play and Remote Services.
4. Shut down your entire computer system(s):
If you think you may be in the beginning stages of a Ransomware attack, immediately unplug your computer. This action will help mitigate the actual .EXE file from entering your computer. However, if your IT infrastructure is large, shutting down the entire system is still your best bet. This will cause some downtime, inconvenience, and lost revenue, but the cost is minimal compared to the alternative.
5. Never pay the cyber attacker, ever:
If in the unfortunate case that you do become a victim, never pay the cyber attacker under any circumstances. There are two primary reasons for this:
- Even if you do pay the ransom, there is no guarantee that you will get the decryption key to unlock your computer and files.
- Paying the cyber attacker will only fuel their motivation and greed to launch more Ransomware attacks.
In the end, remember that you do not need all of the latest security technologies to keep your business safe from a Ransomware attack. It just takes following the tried and true techniques as detailed in this blog. These are very often not acted upon, so these are the prime areas in which the cyber attacker looks to their next Ransomware attack.