If you’re a cybercriminal then ransomware will most definitely be your weapon of choice. But exactly what is it and, importantly, what can you do to protect your business?
The clue is in the name; ransom, and it’s a form of malicious software that once it’s embedded in your computer or network it stops you accessing your data until you cough up some cash, or to be precise some Bitcoins.
Without beating around the bush, your business systems will be offline and the longer you can’t access your data the longer you can’t fully trade, and if your front-end system (that’s your website) is down then your customers will go elsewhere; and at worse never return.
Naturally a business isn’t going to shout from the rooftops that it’s been subject to an attack – it’s usually only the very largest hits that are publicised (remember WannaCry?) and only then when they strike national agencies or listed businesses.
Ransomware can enter your company’s PCs through an email attachment or via a browser if you visit a website that is infected with this type of malware, and it can also gain access via your network.
If you become infected, the attackers will give you instructions on how to pay the fee to get a decryption key to unlock your data, which can range from a few hundred pounds to thousands. No matter how large your business is, having to cough up is a real kick in the teeth; not unlike having your home burgled – it’s a violation of your privacy.
While no business is safe, it’s generally the small and medium-sized ones that are more subject to an attack (yes, even criminals do research); and during the final quarter of 2018 it’s been claimed that 71 per cent of ransomware attacks were on those companies, and it’s thought that by the end of this year businesses will be hit with ransomware every 14 seconds.
So how do you prevent an attack? Well there are three main areas; the first one being to make sure that all the software on your computers is up to date and that include your operating system, browser and any toolbar plug-ins you use.
You should also ensure that your antivirus software and firewall protection is up to date, and make sure you guard yourself with anti-ransomware software, and don’t forget regular data backups and the traditional rules of security: use strong passwords, restrict untrusted devices, only use administrator accounts to access your network where this can’t be avoided, and adopt multi-factor authentication.
Of course, all of this should be carried out by your managed service provider (MSP) or in-house IT manager.
However, what if the unthinkable happens and you are hit by ransomware, what do you do then? The main question is; should you pay the ransom? The answer is no, because it only encourages and funds the attackers, and even if you pay up there is no guarantee that you will be able to regain access to your files although in reality the vast majority of businesses do get their data back – but that’s still no excuse to pay up. What you should do is restore any impacted files from a known good back-up. Restoration of your files from a backup is the fastest way to regain access to your data; so you need to ask yourself; “does my business backup correctly?”.
You should also have a disaster recovery and business continuity plan in place using products such as those from Datto, which offer a safe and secure way to protect your critical business data not only from cyber attacks but potential disasters such as fire, theft and system breakdowns.
Datto’s products offer state-of-the-art secure protection from viruses, malware, and unauthorised access; automatic backup of business data all day, every day; easy accessibility to data backups through dedicated servers and an offsite copy of IT infrastructures that can be used as a replacement within minutes in the event of a system failure.