Ransomware is now the most common type of malware, involved in almost half of all incidents reported to cybersecurity companies. It used to be mainly a problem on Windows desktops and laptops but now criminals target Android devices and – increasingly – business systems. That means bigger ransom demands and extortion rewards for the criminals.
It’s Incredibly Simple To Execute A Ransomware Attack
There are even YouTube how-to videos and over 6,000 websites offering DIY kits for carrying out attacks. That tells us that the count of victims will explode. Estimates put the number of ransomware attacks at 4,000 every day. Avoiding an attack takes some simple actions.
1. Keep Offline Backups
Ransomware attacks lock you out of your data by encrypting it. The malware may detect network storage devices and databases and encrypt them too. Assume that all data will be affected. The attacker offers to decrypt it after you pay their ransom demand. Regardless, you need to be able to recover as quickly and painlessly as possible. Taking backups to devices that are then disconnected from the network is the only sure precaution.
2. Secure Your Email – It’s The Gateway For Ransomware Attacks
Ransomware attacks start with an email attachment. Criminals hide the malware inside documents, videos, photos, zip files and practically any type of attachment. While many people are aware of the general threat posed by attachments, criminals are increasingly clever. An email sender can easily be spoofed so that it appears to come from someone you know – a colleague perhaps. Always ask yourself if this person would normally send you this type of attachment. A quick phone call is a simple precaution compared to the damage of a successful attack.
3. An Informed Workforce Is The Best Defence
Companies need to heighten awareness in the workforce as a top priority. Reinforcing the message at regular intervals is the best way of keeping all personnel alert. Every employee, from apprentice to director, should be well-drilled in the immediate actions to take if they are subject to a ransomware attack:
- Unplug from the company network
- Disconnect Internet access
- Shut down the desktop / laptop / phone / tablet
- Inform IT security immediately
4. Draft A Business Continuity Plan
Ensure that business continuity and recovery procedures are tested and kept up to date. Getting back to normal operation quickly minimises the cost of a ransomware shutdown.
Email addresses are the front door key that criminals use to gain entry to your workplace. Data leaks mean there are millions of them in circulation online. Prevent your organisation from contributing to data leaks and breaches by disposing of old IT equipment professionally.
Download our Guide To Mobile Data Shredding and see how data can be securely sanitised in your own offices.