8 things you can do to protect your business from ransomware
You’ve probably heard of ransomware attacks like WannaCry, but is your business prepared for the risk of a ransomware attack? Ransomware, like other types of malware, can cause serious havoc to your IT system and business operations. Being prepared is essential, and this requires your business setting up a range of strategies to both prevent and deal with the risk of a ransomware attack.
What’s ransomware?
Ransomware is a type of malware that has been gaining attention in the past few years. Ransomware works by taking control of your device, encrypting the files, and preventing your files from being read. The ransomware then displays a message on your screen asking for payment before the files can be decrypted and made usable.
Payment in bitcoins is usually requested, and the ransomware can hike up the price if you don’t pay on time. Sometimes the promise to decrypt isn’t followed through even if you do make payment, so your data is lost forever. Ransomware attacks can affect entire IT systems as opposed to individual computers, so they can instantly bring down your business operations.
Ransomware can be spread in several ways.
- Phishing attacks – Ransomware can be spread like any other type of malware: phishing attacks using links or attachments from apparently trustworthy senders can lead to users downloading the ransomware file into their device.
- Poorly protected networks – Networks with software vulnerabilities or without the latest software patches can be left open to ransomware attacks, such as with the WannaCry outbreak.
- Drive-by downloads – Ransomware can be downloaded to your device if you load a webpage that automatically sends the malicious code through your browser.
What to do to about the risk of ransomware
Staying cautious, ensuring your devices have the latest security patches, and training your staff in avoiding risks like phishing attacks is essential. You’ll also want to back-up regularly and have a strategy for when ransomware does strike in your organisation.
1. Look out for malicious email messages
Train your personnel about ransomware and teach them how to recognise malicious emails from suspicious sources. If you don’t have a clearly stated policy on phishing attacks, it’s a good time to develop one and let staff know how to deal with these types of emails. Make sure staff know not to click on links and download attachments unless they’re certain the source is a trusted party.
2. Back up data every day
Ask your IT technician to schedule automatic backups at least once a day. While regular back-ups won’t help you avoid a ransomware attack, you’ll be protected from losing all of your information in the event you do get attacked. With up-to-date backups, you can quickly restore your files and restore your daily operations without paying the ransom.
3. Update security patches
Set updates for your operating system and other apps to ‘automatic’ so your devices download them as soon as they’re available. Security holes heighten the risk of infection by ransomware, but with automatic updates, you’ll be able to patch these risks as soon as the software manufacturer addresses them.
4. Use anti-malware programs
Download and activate a quality anti-malware app on every device in your organisation. Anti-malware companies usually stay alert to new ransomware and provide malware-definition updates to users. Set your malware definitions to update automatically, so you and your staff members stay protected as soon as the new updates are available. You can get quality anti-malware systems for free. For example, Windows 10 comes with Windows Defender, which is updated regularly with ransomware definitions.
5. Filter emails
Have an email-filtering system installed on your devices or IT system. Email filters are designed to block phishing and other suspicious emails from entering your server or devices. This means users won’t see the emails or get a chance to open them.
6. Use an enterprise-grade firewall
An enterprise-grade firewall could protect you against ransomware coming in through vulnerabilities in a poorly protected network. Enterprise-grade firewalls are now decreasing in price as products targeted towards small to medium enterprises are being released.
7. Move to the cloud
Shifting your IT system to the cloud could let you access better malware scanning and additional security features, especially if you’re a small business with a strict IT budget. If you’re not ready to shift your entire operations to the cloud, start with your email servers.
8. Disable Microsoft Office macros
Microsoft Office macros have been used to distribute ransomware through downloaded documents with macros. Make sure you disable these and ask your team to disable or limit the functionality of your macros on documents downloaded from the internet.
What to do if attacked
Have an emergency plan in place that directs your staff on what to do if your organisation is hit with ransomware.
- Disconnect and shut down – Some businesses have a policy of disconnecting and shutting down as soon as they discover they’ve been hit by a ransomware. Disconnecting as soon as you’re hit could stop encryption from proceeding, but check with your IT technician to ensure this is the best course of action for your particular IT system. Usually it’s best to disconnect, even if the ransomware message demands you don’t.
- Don’t pay – It’s also advisable not to pay the ransom if you’re hit because the hacker will be profiting and you won’t have any guarantee your system will be restored. Additionally, paying could make you a ripe target for future ransomware attacks from the same hackers because they know you’ll pay.
- Seek advice – Get advice from your IT technician as soon as you know you’ve been attacked.
Limiting the chances of ransomware attacks on your system
Risk management, along with an emergency plan, is the best way to deal with the risk of ransomware. Train your staff in good security practices, and keep your devices up to date with the latest patches. Shifting to the cloud can offer additional security protection, as can using anti-malware programs. If you do encounter an attack, have a solid contingency plan in place so you can react quickly and minimise loss.
Aussie Broadband is a leading Australia-based ISP providing award winning NBN services to businesses across the country. It’s easy to apply for a free quote online, and you can rest easy knowing that you’re in good hands with Aussie Broadband.