Probably in the last time you have seen or read several news in the media mentioning a new case of a company or organization hit by ransomware. This is a type of malware or malicious software program that infects data processing devices (computers, servers or mobile phones), and blocks their operation.
This way, it prevents users from accessing their own files, databases or applications and requires the payment of a “ransom” to be able to access it again. The first variants of ransomware date back to the 1980s, when the ransom payment was made via post mail. Today, instead, payment is requested through cryptocurrencies, such as Bitcoin, or credit cards.
One of the most famous ransomware has been “WannaCry”, which caused great problems a few years ago, and showed the world how companies such as Deutsche Bank and FedEx, or organizations such as the United Kingdom’s National Health Service, had their computers infected and were forced to pay in Bitcoins to unlock their data.
This is a tactic that was rare at the time but has now become one of the main trend-setting threats in cybersecurity reports. It is a growing risk that generates billions of dollars from payments to cybercriminals, damages and losses at company-levels. Furthermore, there is also a negative impact on credibility and reputation of a company whose customers see how it has been attacked by ransomware, which means that their own information is surely exposed.
Why should we care?
One of the effects of the pandemic is the sharp increase in cyberattacks worldwide; where ransomware has also increased its numbers. According to a new study by Accenture, ransomware attacks grew 160% during the health crisis. Rescue demands range from US$100,000 to US$50 million, with retail and consumer goods (38%), natural resources (33%), health and the public sector (17%) being among the most attacked industries. In other words, it is a real, current, growing problem that can affect any company.
Here are some tips to keep your organization safe from ransomware:
- Limit the infection ring: If your organization is already a victim of ransomware, immediately disconnect any infected device from your networks to prevent the problem from spreading.
- Eliminate the ransomware and clean the computers with an antivirus or antimalware before restoring your systems. It is important that you consider that by doing this, you will no longer be able to unlock the files by paying the ransom, although if you have a correct backup of the data in another location it should not cause problems.
- Restore from the most recent infection-free backup that your organization maintains. This will allow you to regain “clean” access to your information.
- Make backup copies: If you want to avoid the “hijacking” of your company information, it is essential, without a doubt, to have backup copies or backups of the data, either on local devices or on remote systems, so that if a computer becomes infected with ransomware, it will be possible to clean and restore it from backup.
- Maintain different access profiles: A precautionary measure is to determine for each user different rights or access profiles to the most sensitive files of the organization, so that not everyone can access or manipulate the information, limiting the scope of an attack based on the employee’s profile.
- Enable two-factor or multiple-factor authentication: This will provide an additional layer of security, since it requires several different forms of verification.
- Make your collaborators aware: Considering that cybercriminals tend to use social engineering to get people to install dangerous files, it is necessary that all collaborators in your company are aware of the importance of browsing safely online, being careful with the links they click on, not replying to emails from unknown senders, etc.
- Stay and keep your collaborators informed: Staying and keeping them informed about the latest ransomware attacks and how to avoid them will also be a contribution that will add a layer of protection. For example, it is useful to show examples of malicious emails, so that employees learn to identify them.
- Never forget the software: Use a comprehensive security solution, adding an additional layer of protection with a solution that can help protect your company from these cyber threats.
- Always update: Make sure to regularly and systematically update operating systems, antivirus software, antimalware or integrated security solutions, as each update regularly integrates patches for system vulnerabilities.
While ransomware is likely to continue to grow in volume and sophistication, taking these steps can significantly help you minimize these types of attacks, maintain your operational continuity, and, perhaps more importantly, keep your customers loyal to your company and your brand.
Learn how we can help you at Anida Latam with our cybersecurity service: https://www.anidalatam.com/soluciones/ciberseguridad/malware/