Ransomware continues to make headlines, with victims ranging from individuals, to businesses, to government agencies. Hackers use ransomware to encrypt all files on a system or network, making them useless. They will then demand a ransom, to be paid in untraceable Bitcoin, for the files to be decrypted. This ransom amount varies from a few hundred dollars to tens of thousands, depending on the victim and the ransomware strain. Failure to pay the ransom often results in total data loss. Obviously, this is a vicious attack – one that businesses need to be extremely vigilant and proactive in mitigating. How can a business prevent ransomware from hitting its network in the first place?
Firewall
The first line of defense on any network is the firewall. It separates the public internet from your internal network, and determines what traffic is allowed in and out. Having a robust, next-generation firewall that is actively updated against the newest threats will help block malicious hackers from getting on your network. A good firewall will also alert you to potential attack attempts and report on their source.
Antivirus
No antivirus solution is perfect, but by utilizing a trusted, well-respected and thoroughly tested antivirus solution, a business can often prevent ransomware attacks from being successful. Employees can be directly targeted, especially if they have access to sensitive info, so it’s vital that each PC is protected by an actively updated and managed antivirus solution. If a PC on the network gets infected, it’s not uncommon for the infection to spread to the whole network – good antivirus on each PC will help prevent this.
Spam Filter
Utilizing a trusted spam filter that is frequently updated will help prevent malicious emails from reaching your employees. These emails are often well-crafted and appear legitimate, but are designed to fool an employee into downloading a virus or going to a site where a virus is downloaded. Email schemes are still a staple of the hacker toolbox, making a spam filter vital for protecting your data.
Backups
Network security, unfortunately, is mostly responsive, rather than predictive: the security industry responds to new threats more than it predicts future attack methods. Of course, this often means that the new threat needs to impact someone before it becomes known as a threat. If your company happens to fall victim, it’s important to know that your data can be restored and not completely compromised. Frequent server backups that are duplicated off-site regularly will help mitigate critical data loss, in the event of an infection.
Employee Education
While it’s easy to look at ransomware as a technology problem that requires a technology solution, the fact is that your employees can be both the best defense and greatest weakness in your network. If your employees are trained to recognize signs of a ransomware attack, they’re much less likely to fall for it. Getting a user to initiate the infection always relies on some sort of deception, usually convincing the user that a site or email is legitimate when it is not. Not only does training help employees spot ransomware attack attempts better, but simply discussing it will help keep them more vigilant to the possibility.
Ransomware can be a frightening threat, but it’s crucial to remember that the more steps you take to protect yourself, the better off you’ll be. Investing in robust hardware and software security solutions is important, but it’s equally important to keep your employees aware and alert.