Ransomware is malicious software designed to make your data inaccessible by encrypting files on your computers and network. The cybercriminal that sent the ransomware will then ask you for a substantial ransom to unencrypt your files.
When large companies suffer these kinds of attacks, it makes SMBs wonder, “Is there anything I can do to stop ransomware in my business?” Hackers indeed tend to target the weakest link in the cyber chain, but SMBs can still mitigate their risk, and avoid paying hefty ransoms in the process.
- Data Backups
One of the most important things you can do is ensure your data backups are stored offsite and offline. Should a hacker be able to get to your data and encrypt it, you can still recover the data without having to pay a ransom for the decryption key. While numerous SMBs may feel that paying the ransom is the more effective way to get their data back, studies do show that 46% of businesses who paid a ransom to regain access to their files reported that some or all the data were corrupted.
- Cyber Awareness Training
Another important step to protect yourself from ransomware is ongoing cyber awareness training. As mentioned, the weak link in cyber security strategies tends to be your employees. Even the most tech-savvy workers can be fooled by a well-drafted phishing email. Once someone has clicked the link, ransomware is now downloaded onto the device, and will soon replicate through the network. With ongoing cyber awareness training, workers will think more critically about what links they click on and what files they download.
- Anti Virus/ Anti Malware Protection
Having endpoint protection like anti-virus software running on all systems is very important. Look for software that includes features like signature matching of known bad malware, behavioural analytics, file reputation evaluation, IPS, download protection, and device control. You also need to ensure that this software is updated regularly to keep protecting you from newer malware variants.
- Policy of Least Privilege
Clinging to a strict access control model like the policy of least privilege can help prevent ransomware and other forms of malware from spreading throughout the entire network. The principle of least privilege means granting access only to specific shared folders to those who need to do their job. Using the policy of least privilege means there is less risk of infecting every file in the organization.
While there's nothing that will 100% guarantee that you won’t get ransomware, using the above four steps can help. You can think of it as having locks on your door; they won't keep out the most determined of crooks, but they will keep out most, which is better than having no locks at all. Trust Quick Intelligence’s QuickProtect to be the locks on your door. Contact us for your ransomware protection needs.
(Updated from July 26, 2021)