Organizations that fall victim to ransomware attacks can face significant disruption to their business operations.
Consider the ransomware attack in Atlanta in 2018. The attack hit many mission-critical services. Recovery took over two months, and estimated costs range between two and five million dollars.
What is ransomware?
The first ransomware attack occurred in 1989. It was very primitive and didn’t cause much trouble. However, today, ransomware has evolved into a highly sophisticated type of software.
The different types of ransomware use different approaches to disrupt an organization’s operation.
- Ransomware that encrypts files to prevent valid users from accessing them.
- Ransomware that uses encryption to prevent access and has the ability to spread to other computers via networks or exploits.
- Older ransomware software doesn’t encrypt files, but it can lock up monitors to prevent access.
Once a ransomware attack has succeeded, a demand for payment displays on the affected system’s monitors. The hackers indicate that they will release the cyber locks after the ransom is paid.
Unfortunately, that isn’t always the case. In the Atlanta attack, federal agents informed city officials that the hacker holding their systems ransom had a habit of attacking a system again after the ransom was paid.
How do ransomware infections get started?
Hackers can introduce ransomware into your system in a number of ways.
Hackers use phishing emails to spread ransomware in an email attachment.
A visitor to an infected website can have ransomware downloaded to their system without their knowledge.
Hackers use web-based instant messaging applications to distribute ransomware.
Hackers use worm-like capabilities to spread ransomware to computers that weren’t exposed to an initial attack.
Hackers use vulnerabilities in web servers as an entry point to download ransomware.
How you can protect yourself against ransomware
According to Deloitte, ransomware attacks are increasing and attacks happen to organizations of all sizes. It’s no longer reasonable to assume that an attack could never happen to your company.
In other words, if you’re not proactively working to avoid an attack now, you’ll be scrambling to recover later.
Therefore, it’s important to implement initiatives that will help protect against an attack. Here are just a few examples.
Training is key
You’ll notice that some of the ways in which your systems become infected aren’t completely controllable by the IT department. Educate all employees about ransomware, including how it’s contracted, how destructive it is, and how to avoid it.
Enlist the assistance of your entire organization in fighting the problem.
Work with security researchers
Most attacks will use security gaps that your organization isn’t aware of. It’s becoming more common for business and government agencies to hire researchers to find vulnerabilities.
Frequently backup files from all devices, and don’t use your network as the only repository. Sending backups to the cloud will give you a way to recover from a ransomware attack more quickly.
Keep your software and firmware updated
Look for a slowdown in your network, which is often a sign that you need updates. Not only will your network run more quickly, but you’ll have the latest patches to foil hackers.
Get to it
If you need better overall network security, that’s a good place to start. You may not always be able to stay one step ahead of the hackers, but making their job difficult will help you stay safe longer.