ransomware alert

By Troy Gill

We’ve all seen that movie where someone is kidnapped, held for ransom and the kidnappers demand a large amount of money. The movie usually ends with the bad guys being stopped and the victim brought safely home. Roll credits.

With ransomware, however, it’s all your data being held hostage and the ransom demand is usually relatively small. The victim here is your business – all because some virtual kidnapper was able to pass malware onto your computer or network. And can you really trust a hacker to just hand everything back once you’ve paid the ransom? Of course not.

Ransomware is a form of malicious software that allows criminals to encrypt personal files and demand payment for unblocking them. As the number of ransomware attacks continue to increase, it is essential for small businesses to shore up defenses to minimize the chances they’ll be infected. While there are reports indicating ransomware could cost $1 billion in damages this year, the true cost is difficult to pinpoint as you also have to factor in any potential legal fees, loss of productivity, increased IT workload, etc.

Today’s attackers will use every tool and technique at their disposal to breach security so it’s important that your business does the same to defend themselves. Here are five tips small businesses should look to implement to help prevent against these attacks:

  • AV is not Enough – It’s essential in today’s threat-filled landscape to deploy multiple robust security solutions. Anti-virus (AV) solutions alone will not keep SMBs protected these days. AV is an essential piece of the jigsaw puzzle but it is still just a piece. Deploying solutions like intrusion detection and protection systems, email filtering and web filtering in addition to AV can help reduce risk exposure.
  • Customize Defenses – It is also important for SMBs to work with security vendors, hands on, to customize their defenses. Making adjustments, like banning specific file types that are not essential to operations within your organization, can have a big impact and with very little time investment. Understanding where these threats are coming from can deliver huge returns.
  • Back up Data – Keeping regular back-ups is a great last line of defense that can help lessen the blow of ransomware attacks. If SMBs have been infected with ransomware, they will be forced to wipe the infected machine/s and restore from back-ups. If the data is not being backed up, they will be left in the precarious position of paying the ransom or moving forward without their lost data – which can end up just being an inconvenience or a major disruption depending on the systems infected. In some instances, though, there are publicly available decryption keys so SMBs should be sure to explore this possibility first.
  • Update Software and Hardware – This will be engraved on our tombstones because we say it so often. Software and hardware updates often contain security patches to holes that malware, like ransomware, wiggles its way through. The best type of regular software updates are automatic ones, but if that’s not feasible, SMBs should at least set up notifications to let them know when the latest update is available.
  • Secure the Human – Human error, whether intentional or unintentional, is often one of the biggest security pain points for organizations. The best way to prevent human error is to develop a formal security plan, and then implement it strictly. For example, a company practicing BYOD should have a policy ensuring that employees’ devices are not jailbroken, and that they’re performing regular software updates.

The most effective means of stopping ransomware is to prevent it from happening in the first place. Don’t wait until you’re a victim and then try to fix things; take simple routine precautions to protect yourself before there’s a problem. It’s much cheaper than supporting cyber terrorism.

Troy Gill is manager of security research at AppRiver, which provides email messaging and web security solutions.