Near the end of 2016, ransomware programs were targeting a new business every 40 seconds. And with infections rising at least 200% in 2017, the odds are good that your organization will face some form of digital extortion in the near future.
Every strain or campaign tries to differentiate itself in different ways, but recognition and prevention always boils down to a few simple steps:
Most of the time, ransomware is spread via deceptive emails that include infected attachments or dangerous links. Cyber criminals use messages about compromised bank accounts or government fines to instill a sense of urgency that tricks victims into clicking on something before investigating where it came from.
Users who avoid suspicious emails, links and attachments will prevent the vast majority of ransomware infections.
Anti-malware applications detect ransomware by comparing programs running on your computer against a catalog of known malware, which means these solutions can’t protect you from brand new strains of ransomware. But as long as you’re up against malware that security researchers have had time to analyze and catalog, recently updated anti-malware software shouldn’t have any trouble preventing an infection.
Some ransomware programs infect your files by taking advantage of flaws in software applications. For example, a loophole in Windows’ programming allowed WannaCry to spread itself to other computers without any extra help from its creators or from infected users.
At the time WannaCry was released, Microsoft had already fixed the flaw that allowed it to spread, but close to a million users hadn’t updated their software. Installing updates for anti-malware programs, operating systems and even basic productivity applications is probably the most important thing you can do to prevent ransomware infections.
Ransomware programs that rely on data encryption to restrict access to your files need time to lock everything down. If you notice file names and extensions are changing, that might be a sign that you’ve been infected.
For instance, if a file named “budget.doc” changed to something suspicious (in the case of WannaCry, it would be budget.wcry), you would need to shut down your computer before the ransomware could infect every file on your hard drive.
Copying your files and storing them separately from the originals won’t prevent a ransomware infection, but doing so will render the attack mostly harmless. As long as your backups were made recently, you could reformat your hard drive and restore the uninfected versions of your files.
These tips will help you avoid the majority of ransomware infections, but for total protection, you need hi-tech solutions. Hardware firewalls, DNS filtering services, and cloud-based security protocols are all things that every small-business should have, and they’re not as expensive as you may think.
Binatech will help you design and implement customized network defenses. Once everything is finalized, our technicians will provide unlimited support going forward for a flat monthly fee.