Ransomware has been a hot topic for months, especially since the devastating consequences of the WannaCry attacks earlier this year. While one lucky crypto enthusiast may have stopped that single tendril arm of malware, there are still many more insidious and self-perpetuating hacker programs out there and they don’t show any signs of slowing. From new ransomware innovations to attacks on your IoT devices to ransomware attacks that encrypt the data on your IoT devices, we have every reason to suspect constantly evolving malware, often taking on the popular ransomware ‘business model’. In an environment rich with malicious viruses, what can a modern business do to lock down their network and protect their vital data? Combatting ransomware is a multi-stage process that requires the cooperation of your entire staff, but it can be done.
The first step in any anti-malware defense plan is to avoid infection entirely. The central premise of avoidance is that ransomware has to get onto your computer somehow, so the less you contact unverified sources or intake unknown files, the lower your risk for ransomware is. Prepare to train every computer using (and even device-wielding) employee the ways to avoid infection.
- Do Not Open Attachments
This is the first and very important rule of not inviting infection into the company (or personal) network. Attachments can be any kind of file within the size limit and can come through almost any avenue. Emails are the most common way to send a malicious attachment, but your chat platform and even social media links are also possible sources of malware files.
- Secure Websites Only
Don’t click on unknown links or those that lead to unverified websites. A site page can be configured to hold a file and even to invisibly download it onto your computer without your knowledge. One thing to watch out for is if you try to follow a link and a fresh tab opens only to immediately close again. While this isn’t always a sign of infection, it does mean something unusual has happened with your requested page.
- Don’t Fall for Pop-Ups
The fake pop-up is one of the oldest hacker tricks in the book. A website is fully capable of opening an alert window, saying alarming or misleading things, then asking you to click on it. If you did not expect the pop up and cannot verify it’s message, don’t click on it.
- Watch Out for Phishing
Phishing occurs when a hacker sends you an email that looks legitimate in order to trick you into clicking their ransomware-bearing link. They can look like your friends, bank, school, and even work. When hackers use the same tactic while pretending to be an executive at your job, this is called whaling. Don’t fall for either.
Even with absolute vigilance on the part of your staff, sometimes infections get in anyway, but you’re still not in trouble. Your second line of defense is anti-virus software and a well-maintained computer. With these two things, more malware attempts will crash at the shores of your data fortress.
- Up-To-Date OS and Anti-Virus Software
Every operating system has a few downsides, and not just in the competitor comparison. Updates and patches are provided to boost your security and experience using each OS, meaning that a current operating system and recently made anti-virus software are a great way to start your defense.
- Configured Firewall
With a well-maintained OS comes a strong firewall protection, provided you set it up correctly. The way your firewall defends you is vital to blocking ransomware and its other less publicized malware companions. This will help you protect from unwanted programs, but not all of them.
- Email Scanning
While the recent troubles with ransomware have made email vigilance a constant concern, modern technology has a handy backup in the form of the email scanner. This program can identify unknown links and attachments in your mail to sort-out or red-flag it for your careful consideration later. They even make scanners that can help you detect phishing.
Prepare to Restore from Backup
Those who have done their homework know that even fairly well-defended companies could be hit by ransomware, causing massive interruption of services while executives vehemently debate how do recover the data and deal with the issue. Fortunately, you can be ready for even the worst ransomware situations.
- Regular and Complete Backups
If an insidious malware gets into your computer, sometimes the best response with obliteration in the form of hard-disk wiping with top-to-bottom reinstallation from the OS upward. With regular and complete backups of all local and cloud stored data assets, you can be certain of your ability to get every drop of data back.
- Backup Your Computer Configurations
Most people who don’t deal with the deeper levels of computer management also don’t realize how much more is involved in setting up a computer than the suite of software. In order to get an absolutely identical computer before and after the malware attack is to save the configurations in place on your computer and restore from backup along with your data.
Contact IT Immediately
If you do think that you have been hit by ransomware, the time to act is very soon before it has established itself and spread too much further. Contact your IT support team immediately for advice and expedited treatment of the infected machine. Your IT staff will most likely be the ones wiping the computer and restoring from your regular backups.
The best way to thumb your nose at a ransomware hacker is by avoiding their attack and, if they do get a hit, getting your systems back online from total wipe within hours of their initial attack. With a complete ransomware defense plan, you can rest assured that no crypto-malware can threaten your thoroughly backed files.