June 26, 2017
3 Ways to Stay Ransomware Free
Protect your computer network—and your business—by educating employees about safe computing practices and investing in enterprise-grade backup and security solutions.
Ransomware, which infects computer systems and denies access to files until the owner pays a hefty fee, has become a popular method of cyberattack. Americans paid approximately $325 million following ransomware attacks in 2015, and projections for 2017 are even higher. In fact, the FBI estimates ransomware is on pace to become a $1 billion industry by the end of this year.
The United States Computer Emergency Readiness Team (US-CERT) issued an alert this year, providing guidance on how to defend computer systems against ransomware, which boils down to three things: education, backup and endpoint security.
- Educate employees to follow safe computing practices.
Ransomware is often delivered through a weak link in a business’ security strategy: its employees. Train your employees to recognize phishing emails and not open attachments from unsolicited emails. Also, make sure employees know how to identify a suspicious link—a simple way is to hover over it until the URL appears, which should match the website the email claims to come from.
It’s also important to implement safe computing practices, including the “principle of least privilege,” which limits network access to only what employees need to do their jobs. Additionally, stress procedures that employees should follow if they think their computers have been infected, such as disconnecting from the network or disabling Wi-Fi and Bluetooth on mobile devices.
- Use enterprise-grade backup.
In the case of ransomware, the best defense is to block the malware before it infects your computer system, but if it does, Plan B is a backup and disaster recovery (BDR) solution. If your files are backed up with an enterprise-grade solution, you don’t need to pay a ransom to restore them. You can recover versions of the files that existed before the ransomware infection and upload them onto your computer network once it has been cleared of malware.
Some cyberattacks attempt to encrypt your backup also, so if you don’t back up in the cloud and use a local server or storage device, it shouldn’t be connected to the network or directly to employees’ computers.
A ransomware attack will still result in downtime as you repair your network and restore your files with a backup solution, but without BDR, the only recourse is to pay the ransom if you want your files back.
- Avoid signature-based endpoint security.
For years, antivirus has worked through signature-based detection. It would look for the signature or identifying data of known blacklisted malware programs, and block them. The problem with this approach is that the attack had to have occurred before and someone had to identify it. It does nothing to protect your computer system from new malware or malware whose signature has been modified. The 2016 Verizon Data Breach Investigations Report states 99% of malware is only used once before cybercriminals modify it so it won’t be detected the next time.
A better strategy is to use solutions that employ application whitelisting that allows only approved programs to run on your network and blocks others, such as ransomware.
Ransomware is a prevalent threat, but raising awareness about safe computing practices and putting the right solutions in place—both to protect your business from malware and to recover data if it should be maliciously encrypted—ensures you will always be able to gain access to your data without having to pay a ransom.
Adam Davis, CEO, Next Dimension Inc