Ransomware is a particularly devious form of cyber attack, and is one that is made possible when a file somehow penetrates your network security, and then encrypts all of your data so that it can’t be used. The cyber attacker will then offer to decrypt your data, or provide you with a key that will accomplish the decryption, after a sum of money is paid.
This has become a very popular form of cyber attack, because there are very few alternatives available to the victim, especially if the company being victimized does not take daily backups of its data.
As a company, it’s very important that you take every step possible to prevent the penetration of malicious files like this which can cause such widespread damage to your business. In general, there are two kinds of action that every company should take to prevent cyber attacks such as ransomware from succeeding.
The first set of actions involves taking a proactive approach to instruct employees about the need for maintaining security at all times, especially with regard to emails, the social media, and even using devices which have company data stored on them. The second approach is to automate as many processes as possible, so as to minimize the potential for human error, whenever those processes involve sensitive data owned by the company.
Emails and Downloads
It is known that most ransomware attacks occur because humans have made simple errors that allowed a malicious file to gain entry into the network, and to subsequently lock up company data. Training staff to avoid such mistakes can go a long way toward eliminating all these casual cyber attacks, for instance those which gain entry to the network via emails.
All staff members should be thoroughly indoctrinated about not clicking on email attachments, and not divulging company information via emails to anyone claiming to be a company official. All it takes is one ill-advised click on an email attachment, and a ransomware file could be downloaded into your system, with disastrous results.
Another very likely candidate for data breaches are downloads which company personnel carry out from the Internet. For the sake of company security, it’s best that the majority of employees do not have the capability to download executable files like games and other applications. Because the user is initiating the download, it would pass right through a company firewall, so this is something that should be restricted to only a few people, with actual need for downloading specific files.
Promote Data Security as a Culture
The most determined hackers will research a company and its personnel for hours on end, probing for weaknesses and opportunities to develop phishing campaigns. Some of these cyber criminals will go to great lengths, monitoring social media, reading company blogs and press releases, and learning as many clues as possible about the nature of the company.
This makes it extremely important that all staff members contribute to a culture of data security, so that it’s always uppermost in everyone’s mind, and the likelihood of a lapse is significantly reduced. Part of this data security culture should entail reporting all suspicious activities noticed by individuals, including emails which seem odd, and files which cannot be identified.
With a regular meeting scheduled weekly to discuss security issues, data security will become part of everyone’s thinking process, and it will become a part of company culture. If necessary, you can even incentivize the process to where safe practices are rewarded, and any insecure practices which are identified, can be pointed out and corrected.
Automating Processes for Reduction of Human Error
The first thing you should undertake in this area is to make sure your data is backed up to the cloud. This will give you the option to access your data, even if a cyber criminal successfully penetrates your system and locks up the data for ransom. If you have full access to yesterday’s data, that data can then be restored to your system with minimal loss of business activity.
Another good process to automate would be to block all .exe files from email attachments, so that employees can’t accidentally click on them, and trigger the loading of malware into your network.
As soon as you receive updates and security patches, they should be installed right away, so as to catch the very latest Internet threats and protect you against them. If you can automate this process, it would be even better, because your protection would start much sooner.
Make sure that antivirus software is installed at all user-facing portals, and also at endpoints on the network, so that threats can be identified and thwarted. You might not catch every single snippet of malware, or every single virus coming through the system, but it will block the majority.
It goes without saying that you should also have a good firewall installed, in addition to threat detection systems which are behavior-based. Once you get all these protections in place, it’s a good idea to conduct your own version of penetration testing, which will identify any weaknesses in your overall security scheme, and will also point up any threats which could be carried out against your network.