Ransomware attacks – and how to avoid them
- Probably the most obvious measure a business can take – backup data regularly and store everything on a secondary system. These backups should happen every time data is modified and they should be stored offsite in a system that is unconnected to the main network.
- Ensure that all staff are trained to recognise what a ransomware attack looks like – and be mindful of suspicious emails, links and social media networks. Filter inboxes for spam and attachments from emails by an email security tool.
- Businesses should use anti-malware software and the IT manager should ensure that products are regularly updated.
- The ransomware attacks often happen via an executable file or as a .zip file. Also, attacks can come through Microsoft Office files containing macros. So, again, staff should be made aware of unfamiliar activity.
When a network has become infected, the infected computer should be disconnected from the system as quickly as possible. The wifi should be turned off and all automatic backups should be stopped to the external storage facility. Prior to shutting down the network, take a screen grab of the network memory. To stop ransomware from encrypting data, block network access to any command-and-control servers. Businesses should also remove local administrative rights from the system. This stops ransomware changing system directories, files, registry and storage. It also blocks access to system resources and files Importantly, if data is breached, tell the supervisory authorities that a breach has occurred and ask for assistance in the investigation. Under the new GDPR rules from May 2018, a business has 72 hours to notify the Information Commissioner’s Office about the breach. However, by doing this the business could lose data permanently as the criminals realise their ransomware tactics have failed. SCC has long understood how vital it is to put in place cyber security to defend digital operations from ever more sophisticated ransomware attacks. Cyber criminals are always finding new methods to circumvent and breach a company’s online security. These highly professional cyber criminals can lie in wait for months if necessary before launching an attack on a system that has put all the correct security compliance procedures in place. As part of the company’s services, SCC offers businesses the most up-to-date detection and analytics software. This helps with analysing and evaluating potential ransomware attacks. To protect highly confidential financial and personal data, all organisations need to have access to the best security to protect themselves. Moreover, SCC not only provides detection and analytics software, but also helps businesses to be more cyber security conscious. That way SCC increases security best practices while limiting the probability of a disastrous cyber-attack. Further Reading: Ransomware victims have paid out more than $25 million, Google study finds Discover more about our Security Services