Ransomware is a type of malware that encrypts, locks, or holds valuable digital files hostage and demands a ransom for their release. When it happens, it's almost like turning off the power to your business.
As you know, the inability to access important current or historical data in any organization can be catastrophic. The disruption to regular operations, losing a client's or your business's sensitive information, financial losses incurred to restore systems and files, downtime and the potential harm to an organization's reputation is hard to quantify. Before a cyberattack keeps you awake at night, please take a look at some recommendations and prevention efforts to minimize the impact should a cyberattack hit your business.
But first....What does the FBI Recommend?
As ransomware techniques and malware continue to evolve and because it's difficult to detect a ransomware compromise before it's too late, organizations in particular should focus on two main areas:
1) Prevention efforts, both in terms of awareness training for employees and robust technical prevention controls
2) The creation of a solid business continuity plan in the event of a ransomware attack.
According to FBI Cyber Division Assistant Director James Trainor, "There's no one method or tool that will completely protect you or your organization from a ransomware attack," said Trainor. "But contingency and remediation planning is crucial to business recovery and continuity and these plans should be tested regularly."
Tips for Dealing with the Ransomware Threat
-Security Awareness Training. Hackers are sophisticated and regular scheduled education with employees just doesn't cut. Employees must understand their vital role to protect an organization's sensitive data. Hackers are using what is called "social engineering" to exploit the "human factor" to entice or trick users to install or open a security hole that can impact an entire organization. Phishing is a form of social engineering that uses e mail or malicious websites to solicit personal information by posing as a trustworthy organization. Employees responding with the requested information feeds hackers with the information they use to gain access to accounts.
-Simulation attacks. Employees are the outermost and most sensitive layer of security and that vulnerability needs ongoing training since hackers are training just as hard to break into business systems. There are many good tools to simulate attacks. It begins with a baseline of how employees handle phishing campaigns and then implement a immediate processes to protect the organization from attacks.
-Software Based Protection. It goes without saying that Antivirus, anti spam and Firewalls are a must. For our article, we are going to focus on ransomware and software solutions that could be implemented.
Microsoft has a feature called Software Restriction Policies that should be initiated so that only specific software (as defined by policy) can be run. Another must option in addition to running your antivirus software is using specialized software to scan for these viruses. There are many software tools that continually scan for ransomware-type activity and it's critical to monitor activity and alert your users.
-Software updates. Seems simple, right? Microsoft, Apple, Samsung and a host of other hardware and software companies want to protect their users and certainly their brand. Google too wants to protect their brand and has processes in place to warn website visitors if a website may be infected. This infection can drop your organic search footprint like a lead balloon. As always, follow security recommendations for software updates.
-Backups. Ransomware protection must include regular backup of your files with a regularly TESTED restore process. Choosing a on-site or a cloud based solution is a preference. Backups with a redundant system work only with the routine of walking through a restoration process. With any size business, it's important that team members know each others role especially if there is any turnover or change of duties with your employees. Test the backup file, and schedule the next test.
As the threat to your systems evolve, remember what Dustin Dykes shared once, "The adage is true that the security systems have to win every time and the attacker only has to win once".
Contact Jake Garrison @ (1.888.726.7539 and or JGarrison@ansleycomm.com) for FREE Ransomware Attack Ransomware Checklist