Ransomware is an extremely profitable scheme for those that have decided to use their talents for evil. How can you protect yourself and your company from such an attack?
First, know why it is of great concern. Ransomware is a malicious software that holds your computer system hostage until you pay up. If you do not pay, all of your information will be lost. If you do pay up you will need to do so with Bitcoin, the preferred method of payment due to the fact that is will allow for the “computer-nappers” to remain anonymous.
Any company could be a target, but organizations such as banking, schools, hospitals, police, airlines, and governments are particularly susceptible. Here is what you need to know:
- Backup: This is number one as you will be able to retrieve your information. Your data should be backed up to the cloud or to an offline server that is not connected to the desktop system(s). If, as an individual user, you backup to an external hard drive, make sure to disconnect the drive once a backup is complete!
- Beware: Do not click on a URL or on an attachment from an unknown source. Make sure you know the source. Also be aware that sometimes the mischievous email will appear as if it is from a reputable company, but you will then notice that email is a Gmail account, for example, and is not directly from a company email address. Don’t fall for it. And don’t fall for anything warning you that your system has been compromised or that you have to lock something down – you can always contact your bank, or whatever organization the email seems to be coming from, to ensure that they are in fact sending you the information and that action is required on your part. Seriously consider training your staff on how to recognize suspicious emails and phishing tactics, they are much more vulnerable when not informed.
- Protect: Make sure that the computer protection service you use for your systems does protect against ransomware AND that is it the best protection available for your particular device. It’s worth taking the time to study, ask questions, and turn to the experts for advice.
- Know: Make it a point to add another bit of info to your “Emergency Contact” portfolio. Check out and note anti-virus companies that provide what is known as decryptors, which can potentially un-encrypt data, allowing you to avoid paying the ransom.
- Limit: An article from Wired shares that network administrators should take steps to limit permissions and to segment access to critical data using redundant servers.
- Disconnect: As soon as you become aware that malware, ransomware or anything malicious is going on, unplug ASAP in order to stop the virus from spreading.
Wonder what it looks like? Check out this recent and appropriately named WannaCry demo.
Don’t allow all your hard work to be lost Meeting Planner! Jim Spellos of Meeting U and I want you to stay safe J