2019/12/09 IT & Cyber-Security Solutions
Ransomware strikes someone every 10 seconds around the globe, and when it does, it turns their most important files and data into encrypted gibberish. Unfortunately, the only option left for them is paying the ransom that cyber criminals demand in order to regain access to their valuable data.
But before we move on…
Ransomware is malicious software that blocks access to a computer until a payment is made to the cyber-criminal. Ransomware comes in different forms under different names, such as CryptoLocker, CryptoWall, WannaCry and Petya.
Normally, the attackers use generated key pairs tied to the infected device to encrypt the local files. Each pair consists of a public key, which is copied to the infected computer, and a private key, which can decrypt the files if and only if the payment is delivered within the specified time. If the money isn't transferred, the key is deleted, leaving no possible way to restore the data.
Cyber-criminals use many methods to attack their victims, such as infected ads on legitimate websites, infected apps or phishing emails.
Here we will list some main tips you should follow to protect your business, employees and valuable data:
To protect yourself against ransomware, you need to identify your systems, devices and services or, in other words, you have to identify what your business relies on. You should also have a full recovery plan in case malicious software attacks your system.
Having an up-to-date security system is as important as keeping your devices up to date. The same goes for the security solutions your business uses. It is also important to have a secure email gateway (SEG) solution, since email is the most vulnerable part of any system and ransomware can use it as a main entry point to any target. SEG solutions filter, detect and stop the spread of any type of malicious software before the device receives an infected email.
Also, keep in mind that some basic security tactics can be applied to give you a stronger and more secure system. Good examples of such tactics are using strong passwords, adopting zero trust between critical systems and obtaining a web filtering tool that stops phishing attacks.
Any business should take backups of its data and systems on a regular basis, but what would happen if your backups get infected?
Your system is down, a recovery plan is initiated and you reach a situation where you have to restore your backups to your new environment, only to find out that your backups are infected as well! That would be the worst-case scenario for any malicious attack.
To avoid such awful scenarios:
Recovery routines help you ensure the availability of your backups, the ability to restore any resource at any point in time and the expected functionality of your systems.
Find and write down a list of experts you trust or consultants you can reach out to in the event of a ransomware attack. If possible, try to involve them in your security routines. Contacting the official security teams in your region is quite important, especially when your business is struck by ransomware.
Employees are usually the weakest link in any business security system. But if you keep them educated about hackers' latest tactics and techniques, and keep them trained to defend against malicious software and the ways it spreads, they will become your first and strongest defense mechanism. You can train your employees using different means, such as phishing simulation games, emails from the executive staff, informative posters and running your own phishing campaign to identify the employees in need of further training.
If you are interested in knowing more about ransomware and defense mechanisms, contact our expert team or take a look at our security solutions provided by CISCO and Microsoft to keep you safe against all current and emerging threats.