Ransomware is a vicious form of malware that locks users out of their systems, forcing them to pay an often exorbitant fee to regain control of their data. Some ransomware, like CryptoLocker, actually encrypts files so that they cannot be accessed without paying the ransom. Often, paying the ransom will not guarantee that you will regain access to your data. The only solution is to prevent the attacks whenever possible. Without the right security in place, it is very easy to fall victim to ransomware, and recovering from such an attack can be costly.
Common Sense Steps to Deter Ransomware
If anyone in your company has already been infected by ransomware, immediately disable system restore and run an anti-malware detection scan to remove ransomware files. To prevent ransomware from gaining access to your data and impacting your business, be sure to:
- Back up files regularly
- Install patches and security updates immediately when they are available
- Scan systems regularly for malware detection and removal
- Implement strong email security, antivirus, and firewall protection
Avoid Ransomware with Smarter Security Measures
Ransomware attacks can be avoided with carefully layered detection and security protocols that make it very difficult for hackers to break in. Organizations must also be cautious about where and how data is stored and accessed. Running files from desktops, USB sticks, or external drives can leave you without a safety net. We recommend the use of an enterprise file sync software like SyncedTool from which files can be accessed and used. Alternatively, organizations can operate using hosted desktops where the file data is stored offsite and protected with BDR. In either case, if there is an attack, your managed services provider can perform a mass revision restore to the point in time before the ransomware encrypted the files.
Don’t Ignore the Need to Educate Staff about Ransomware
It is imperative that you train your staff to be alert when opening attachments in emails. Take extra precaution when working with email links and attachments. There are three fundamental questions you should ask yourself before opening any message:
- Do I know the person who sent me this message?
- Am confident that I know the nature of the attachment or link?
- Am I expecting this attachment or link, or is this an attachment or link that I regularly receive from this person?
If you can’t answer all of those questions in the affirmative, then it’s best to err on the side of caution and reach out to the person via phone or follow-up email to confirm the nature of the message.
At thinkCSC, we take your security seriously, so please take a moment to review our email guidelines with your staff. We regularly receive reports of spoofed emails that appear as internal communications and may contain attachments or links containing malicious malware or ransomware. Don’t let an innocent click of the mouse leave your organization in shambles. Be proactive and take steps to protect your company today. To learn more about having the right layers of security in place to protect your organization from these vicious attacks, contact thinkCSC.