As ransomware continues to penetrate companies through more sophisticated means, many businesses are looking for answers for how to protect their data from ransomware attacks each and every day.
Ransomware is malware planted by criminals inside a compromised network or downloaded by an unsuspecting individual through a phishing email or infected website. The malware then hijacks the system, locks it down, and encrypts its files. This keeps the data inaccessible to authorized users until a ransom is paid—sometimes though, it is never released. The vulnerable data is held hostage and the bad actors behind the malware can exploit it.
Ransomware is a major cyber threat and a huge cost to companies due to lost or compromised data, the cost of restoration, and the downtime affecting employees and production. Once ransomware gets through the firewall, it can take over computers and spread across the network. After it’s in the system, it encrypts any user data files it encounters. Encrypted files can’t be decrypted without a key, which the ransomware will demand money for (hence the name ransomware). In fact, the perpetrators might even take on a false pretense and look as if they’re trying to help you restore your data while in fact corrupting or harvesting it.
Although the ransom is usually quite expensive, it may be tempting to follow the directions to pay off the ransomware and get your files restored. Don’t let this fool you. It is important that you do NOT pay it off! The FBI does not endorse paying the ransom because:
- many companies don’t get their files back even after paying, and
- paying encourages the attacks.
Unfortunately, insurance companies and some managed services providers have been known to pay off the ransomware based on the argument that paying may be the less expensive for all parties, especially for companies that negotiate with the criminals to lower the price below insurance minimums. When choosing cyber protection, make sure your providers have a good track record by asking them for information on what they’ve done in the past and how they’ll backup and protect your data from attack.
What is the Best Protection Against Ransomware?
- Keep systems patched and updated. Don’t use systems with known vulnerabilities. This includes replacing older computers and software and updating the entire network regularly.
- Make sure you have hardware and software firewalls. Yes, both hardware and software firewalls. Hardware firewalls protect your network from the outside, and software firewalls protect individual user’s computers. Be sure to configure them properly.
- Implement enterprise-grade antivirus software. Antivirus software scans files before downloading and performs systems checks, as well as looks out for vulnerabilities.
- Train your team. The human factor is the main way networks are compromised. Clicking a suspicious link can have detrimental effects, but if your team is trained to be on their guard, your company will be much more secure.
- Restrict user permissions. This keeps unauthorized users from downloading files not vetted by the IT team.
- Have a recovery plan. What happens if your systems fail? Your managed services provider can help you come up with a detailed plan that is ready to implement at a moment’s notice to minimize downtime.
- Test EVERYTHING. What’s the point of having all of these systems set up if they don’t work? You should test emergency procedures and have your network audited by your IT team at least annually.
What are the Best Backup Solutions?
The answer to ransomware lies in backups. While it’s possible for a ransomware attack to corrupt backups, a multi-layer system helps prevent that and keep your backups safe. A multi-layer system uses encrypted cloud storage as well as physical backups to get you up and running as quickly as possible. Research your cloud backup provider to make sure they have ransomware detection and other preventative measures to make sure already infected files don’t get backed up.
Saving backups to the cloud enables a network to be accessed from anywhere, so if your hardware is tied up with the malware, being able to start up with fresh machines is not only crucial but absolutely possible. Anderson Technologies specializes in catering to each need of our clients, and will work with you to find what type of backups is most beneficial to your company.
Besides rendering ransomware useless, backups are crucial for your company in several ways. They can be ready for use during audits, used for insurance purposes, and they are your company’s own insurance against a disaster that could cause loss of original documents or days of work.
Keeping your backups up to date and testing them regularly will ensure you always have a reliable backup to restore from.
Can Ransomware Target Backups?
Ransomware doesn’t necessarily target backups, but it can affect them if preventative measures aren’t in place. When ransomware apprehends a system, all the functions in the network are vulnerable, and this includes any backups connected with the system. Some malware may target backups to disrupt or remove safeguards and force users to pay the ransom. If those backups are exploited, and they’re the only set of backups the company has, your choices are limited. Properly configured, multi-level backups are the strongest solution to the threat of ransomware.
While no one wants to be hit with ransomware, it is a very real threat. However, through properly securing frequent backups, it is possible for your data to be protected – and restored – in a short time.