During a ransomware attack, data is encrypted by a malicious actor. The victim business is then asked to pay a ransom in order to decrypt their precious data. Ransomware attacks are very common and can be very costly indeed. In the United Kingdom, the average cost of a successful ransomware attack is 840,000 dollars: a very large price for some smaller businesses.
Protecting against ransomware attacks is extremely important for businesses of all sizes. Ransomware attacks are often conducted by organized criminal groups. WANNACRY, one of the largest ransomware programs, was even supported by a government: the DPRK.
There are some relatively simple things that businesses can do to protect themselves against these devastating attacks. Here is a quick guide to the most basic efforts a company can make to keep ransomware groups away.
Mitigate and Back Up
Ransomware groups capitalize on the fact that businesses do not back up their data rigorously enough. They rely on a business really caring whether they get their data back in order to extort ransom money. By backing up all files onto cloud based remote servers, a company can mitigate the impact of a ransomware attack. A company does not need to pay a ransom for data that it has ready access to from another source. Backing up data has never been more important.
Train Staff Correctly
Staff training is one of the most effective defensive measures that can be taken in order to prevent ransomware attacks. Ransomware has to find its way onto hardware in order to be installed. Most of the time, this involves a phishing campaign. Phishing involves the sending of a malicious software download link in a seemingly innocent email. If staff are trained to avoid opening such links, their company will be less vulnerable to attack. Staff also need to be trained to recognize unusual activity within a network: missing or moved files can be tell-tale signs that a malicious actor has gained access.
In order to create a secure network, a business needs to carefully police authentication. Simple password authentication is not enough to protect a network. Instead, companies should focus on implementing multi factor authentication – usually a combination of biometric and hardware-based roadblocks. Furthermore, only trusted figures within a business should be able to access privileged parts of a network.
Make Use of Cyber Asset Management
Cyber asset management is a field within IT security dedicated to detailing all of the assets within a network. While this might seem like a rather benign activity, it actually serves to protect a network by informing a business of their attack surface.
For help in this matter, you can find out more from Panaseer. Cyber asset management is a relatively new field within security but promises to be a big help to companies that would otherwise struggle to keep an eye on the security status of all their hardware, software and cloud assets.