Ransomware is one of the most popular and most significant threats in the world of cybersecurity. Worldwide, there were more than 187.9 million ransomware attacks in 2019, and that number is poised to increase in 2020 and coming years.
For cybercriminals, ransomware is relatively easy to implement; all it takes is one foolish employee or lax security standard, and you can hold an entire company hostage. For business owners, ransomware is devastating; it can cost upwards of millions of dollars to fully recover from an attack.
Fortunately, if you follow the do’s and don’ts of ransomware, you can minimize your chances of being a victim, and reduce the potential impact of a ransomware attack when it occurs.
First, make sure you back up your data regularly—constantly, if possible, and throughout the entire organization. In a ransomware attack, a criminal gains power when they hold all your information hostage; you won’t be able to access your important files or systems until you pay the ransom. But if you have safe copies of all your old data, this threat can be pointless. You’ll be able to restore a slightly older version of your files and systems and avoid paying the ransom altogether. To make this work, you need to be consistent; back up your data securely and routinely.
It’s worth putting together a response strategy; in other words, what are you going to do if your organization is the target of a ransomware attack? But it’s much more effective to be proactive. In other words, you have to take steps now to prevent your organization from being the target of an attack in the first place. If you can avoid ever being the subject of a ransomware attack, you’ll never have to deal with the consequences.
One common method for ransomware attackers is to trick employees into either providing their login credentials via a phishing link, or downloading a file that contains malware. You can protect against both of these potential threats by implementing more content scanning and filtering. As an organization, you should have full awareness of what your employees are downloading and what kinds of messages are being exchanged. You should be capable of filtering most threats out before they ever hit an employee’s inbox using automated tools for email security and endpoint security.
Next, make sure to keep your systems up to date with the latest software patches. Cybercriminals are constantly looking for opportunities to exploit; if they find a security vulnerability, they’ll try to use it to gain an advantage and launch a ransomware attack. But if you’re constantly installing patches as they become available, this opportunistic attack style becomes useless.
Ransomware attacks are often the result of poor employee training and/or bad employee habits. Make sure your employees are familiar with standard best practices in the cybersecurity world, like choosing strong passwords, never giving out their passwords to others, and avoiding links and content that appear suspicious or unfamiliar.
Many new victims of ransomware attacks are interested in paying the ransom. They want to get the attack over with and move on with their business. However, this is a bad idea. First, there’s no guarantee a hacker will let your systems go after you pay the ransom. Second, you set the precedent that you’re a valuable target. Instead, it’s better to cut your losses and revert to a former instance of your systems.
You should never give your password or login credentials to anyone, especially if that person is not familiar to you or is outside your organization. Too many ransomware attacks could have been prevented by following this simple rule.
If you’re in the middle of a ransomware attack, it’s important to mitigate the damage as much as possible. That means disconnecting from the internet entirely and preventing the attack from going further. The more proactive and the faster you are here, the better.
Similarly, make sure you turn off all automatic backups during an attack, should one occur. Otherwise, you’ll be duplicating the ransomware attack and possibly compromising your backups.
If you’re interested in maximizing your anti-ransomware potential, use Check Point’s Anti-Ransomware solution. With it, you’ll be able to employ a vast suite of tools to help you proactively avoid and combat ransomware. It includes active threat prevention, the capacity to detect and quarantine ransomware attacks, and of course, the ability to restore your files from routine backups. Sign up for a free demo today, and see if it’s the right fit for your organization!