Ransomware is malicious software designed to make your computer inaccessible by encrypting all of the files and holding them hostage for a substantial ransom. If your computer is connected to a network, it will usually try to spread to any other computers on the network and infect their files too. Recently, Colonial Pipeline and JBS Foods suffered ransomware attacks that affected production and forced those companies to pay a huge ransom.
When large companies suffer these kinds of attacks, it makes many SMBs wonder, “is there really anything I can do to stop this from happening to my business?” While hackers are pretty adept at exploiting the weakest link in the cyber chain, there are still things SMBs can do to mitigate their risk, and most importantly, avoid having to pay a hefty ransom.
- Data Backups
One of the most important things you can do to is ensure your data backups are stored offsite and offline. Should a hacker be able to get to your data and encrypt it, you can still recover the data without having to pay a ransom for the decryption key. While many may feel that paying the ransom is sometimes the more efficient way to get their data back, studies do show that 46% of organizations who paid a ransom to regain access to their encrypted systems reported that some or all the data was corrupted during the recovery process.
- Cyber Awareness Training
Another important step in the prevention of ransomware is ongoing cyber awareness training. As mentioned, the weak link in most cyber security strategies tend to be your employees. Even the most tech-savvy employees can be fooled by a phishing email that is well-crafted. Once the employee has unknowingly clicked the link, ransomware is now downloaded onto that employee’s device, and will soon replicate though the network. With ongoing cyber awareness training, employees will be more cautious about what links they click on and what files they download.
- Anti Virus/Anti Malware Protection
It is also important to have endpoint protection like anti virus software running on all devices. Look for software that can prevent ransomware that include features like signature matching of known bad malware, behavioral analytics, file reputation evaluation, IPS, download protection, and device control.
- Policy of Least Privilege
Adhering to a strict access control model like the policy of least privilege can help prevent ransomware and other forms of malware from compromising the entire network. Malware will spread whatever the level of access the infected users have. The principle of least privilege involves granting only explicit access to specific share folders across a network that the employee needs to do their job, rather than full access to all files/systems.
While there is nothing that will 100% guarantee that you won’t get ransomware, employees the above 4 steps can help. It’s just like locks on the door to your house; they won’t keep out the most determined of intruders, but they will keep out most and it is better than not having any locks on the door whatsoever. QuickProtect will be the locks on your door. Contact us to discuss your ransomware protection needs.