Did you hear about the ransomware attacks that have been happening? Your business’s customer information, employee data, proprietary information, trade secrets, company financial data and more are prime targets for this ever-increasing cybercrime. Make sure you and your business are prepared.
What is Ransomware?
Ransomware is a type of malicious software that infiltrates the target company’s systems and uses encryption to prevent users from accessing files, software and networks. Attackers demand a ransom payment — anywhere from hundreds to even thousands of dollars — to gain a decryption key that unlock the malware. Unfortunately, attackers often take the ransom and fail to provide the encryption key. Websites and email attachments are typically the sources of ransomware malware.
Back-up Your Data Often
Regularly backing up computer data is one way to protect yourself from a ransomware attack. Failing to back-up your files puts you at risk of losing your data. There are many backup options, including backing up to cloud providers, to local storage devices, or to network attached drives.
Educate Your Employees/Users
Another important measure is training employees on how to keep the fraudsters at bay. Training should emphasize things like recognizing social engineering techniques, not clicking on links in questionable emails, and never opening attachments from unknown senders.
Have a Prevention Action Plan
- Install and maintain antivirus software across all machines/computers within the business.
- Use software that only allows specified programs to run on the company’s computers, blocking malware.
- Set up administrative controls to manage security — do not give employees the option to change or disable security settings.
Don't Pay the Ransom
Ransomware incidents are increasing. While each targeted company must decide whether or not to pay a ransom, security experts generally advise companies against doing so.
Ransomware in a company’s network can be self-propagating and trigger repeat incidents. Making payments to obtain the encryption key can backfire by making the company vulnerable to repeat attacks. With that in mind, experts recommend that companies focus on restoration efforts and protection against future attacks through prevention tactics.