All the trend lines point one direction when it comes to ransomware frequency and scope of damage — up and to the right. A report from Cybersecurity Ventures projects that on average, there will be a ransomware attack on a business every 14 seconds by the end of 2019 — up from a rate of one attack every 40 seconds in 2017. That same report suggests these attacks will cost business upwards of $12 billion by 2019; that’s double what ransomware cost companies in 2017.
So, how do you protect your company, your data and your bottom line from this pernicious and growing threat? We’ve put together some best practices for that very question.
First off, what exactly is a ransomware attack?
Unlike malware or a simple computer virus, ransomware is malicious code designed specifically to extort money out of the victims. The most common version of such an attack goes something like this: the perpetrators phish a target computer with a sophisticated, malicious email attachment. Once the attachment is downloaded and opened, it starts to run a program in the background, eventually encrypting every file on your computer. Once the program has finished, it presents you with a system-wide alert saying if you don’t pay up, the ransomers will delete the security key, and all your files will be encrypted (read: useless) forever.
So, what can I do?
For small business owners, many choose to hire managed service providers to help protect against this scenario. It’s becoming harder and harder to handle complex security threats in house, alone; so small businesses partner with companies like Leverage to handle these sorts of things for them. Especially if you are infected with ransomware, having an expert ready to both fight the attack and clean your systems can prove invaluable.
Short of that, it starts by training your employees rigorously in how to spot suspicious communications and avoid opening or downloading anything from senders they don’t inherently know and trust.
Secondly, you should be diligently updating your operating systems, your anti-virus software, as well as your anti-malware software too. As new attacks and new tactics become prevalent, operating systems and software are patched/updated to best fend off the newest threats.
Third, disable all macros in Office products. One of the most prevalent forms of ransomware attacks uses Microsoft Office macros as the back door into the system, so be sure you have this set to off for all the computers on your network.
Fourth, and most importantly, you should be backing up your data consistently, frequently and remotely.
The only way to survive a ransomware attack with your data intact and your bottom line unaffected is to isolate the infected machine, disconnect it from the network, wipe the entire system clean to factory settings, and then restore from a clean backup. That’s only possible if you’re storing your backups on an unconnected system off site. And it will only give you a full restore if you’re backing up consistently and frequently.
Hopefully, these tips can help you fend off one of the more malevolent threats out there today. But if you have any questions about how your security can be better, we’re all ears!