Ransomware attacks are the frightening new hacking phenomenon that is hitting businesses all over the world. Silently penetrating computers and networks, specially designed malware seeks out sensitive business files and then employs military-grade encryption to scramble the files so that the rightful owner – the business – can no longer access the information. The recent WannaCry attacks affected more than 200,000 victims and businesses continue to struggle to stop ransomware attacks.
Users attempting to open an infected file see only a ransom note. To regain access to the file, they are told to pay a certain amount to an anonymous Bitcoin account; if the ransom is not paid within a certain number of hours, the price will go up. The files cannot be decrypted by ordinary means, and even once payment is made, the hackers don’t always provide the key. Nonetheless, businesses that have not planned ahead to protect themselves have little option but to pay.
This cyber plague is affecting businesses large and small and has afflicted agencies as diverse as police departments and hospitals. Without preparation, there is no defense against it. Following these five steps, however, will stop ransomware attacks from ruining your day.
Backups, backups, backups
Saying it three times isn’t enough; all five tips here could read “backup,” and still not overemphasize the importance that this concept plays in defending against ransomware attacks.
The sole power that ransomware hackers have over your business is denying you access to your own information. By keeping copies of that information in places where they are unable to encrypt it, you take away all the leverage they have and render yourself completely immune to blackmail.
Encrypt your files first
Not only is encryption the way that hackers take control of your files, but it is also a technique that you can use against them. It’s true that encrypting your own files cannot protect them against being re-encrypted by hackers. The ransomware program can still double-encrypt all your files, rendering them inaccessible to you unless you buy the key from the hackers to remove their layer of encryption.
But there is more to the story. Most ransomware viruses use semi-intelligent algorithms to select files to be encrypted. Encrypting system or application files is usually a waste of time, as they are easily replaced from original installation media and represent no real value to the organization. Instead, hackers will program their malware to seek out only files of certain types, saving time by focusing on a soft target.
If your file system is encrypted first, though, the target isn’t so soft anymore. An impenetrable wall prevents the malware from figuring out what it should and should not encrypt. Consequently, most infections will do nothing.
Filter out likely infection sources
Ransomware is a particularly frightening form of malware, but it’s a good idea not to lose sight of the fact that it is just another variety of the many, many kinds of infectious programs running around on the Internet today. By taking the same steps you would use to defend your network against any sort of malware infection, you can also keep out ransomware.
Packet-filtering firewalls, strong e-mail scanning systems, and desktop anti-virus protection are all important mechanisms to help protect your network against not just ransomware attacks, but any kind of malicious infection.
Keep software patched and up to date
Many ransomware infections rely on system-level file access, gained through a compromise of important operating system security features. These compromises usually occur because the systems in question have not been patched up to secure against well-known security holes.
Software makers go to great effort to put out patches regularly any time they discover a new vulnerability in their product. Sadly, many of their customers do not take advantage of this free and important service. If your company is one that doesn’t keep patch levels up to date, you will have no one to blame but yourself if you fall victim to ransomware.
Embrace the cloud
When asked about cloud computing, one thing that most people identify as a concern is security. But when it comes to ransomware, the cloud is a far safer place than your own internal network.
Cloud computing providers focus heavily on securing their systems against unauthorized access. Their budget for security staff and systems exceeds that of all but the largest businesses. Consequently, they are far better protected against malicious mischief than almost any other company.
Their systems, even if penetrated, will rarely allow the type of encryption viruses used by ransomware authors to lock up your files. Even in the unlikely event that their protections are bypassed, almost all of them also back up your files as a matter of course, thereby providing a safe copy to revert back to and denying the attackers any leverage.
Stop ransomware attacks
Any business can protect itself against ransomware with a measure of forethought. These five steps are all relatively easy and absolutely vital to stop ransomware attacks and keep your data safe from malicious encryption.