Ransomware attacks have affected companies large and small across the globe. In May, the WannaCry ransomware spread to organizations in more than 150 countries, affecting more than 300,000 devices. Ransomware encrypts files or locks computer screens and demands that victims pay a ransom—usually in a cryptocurrency such as bitcoin—to regain access to their data. It's become wildly successful for criminals over the past few years. That's the bad news.
The good news is that you may be able to help prevent ransomware attacks. Taking these steps can help protect your data.
1. Train employees. Ransomware is frequently transmitted when someone clicks on a link or an attachment in an email or web pop-up. Employees should be wary of suspicious, unknown or unsolicited emails and pop-ups.
2. Keep your software up-to-date. Software updates frequently include patches for newly discovered security vulnerabilities that could be exploited by ransomware attackers. Promptly install the latest security enhancements. Microsoft released a patch for the WannaCry vulnerability eight weeks before the May attack, but unfortunately, many organizations hadn't installed it. Businesses are sometimes reluctant to update software because of issues integrating it with other legacy systems. If that's the case, check with your information technology (IT) suppliers to see if they offer solutions.
3. Install anti-virus software and a firewall. Be sure you deal with a reputable anti-virus vendor, and keep the software up-to-date so it blocks the latest emerging malware. Install on all devices, including tablets and mobile devices as well as laptops and PCs. Smart devices — the internet of things — can also be targeted, so help protect them as well.
4. Use the 3-2-1 rule for backing up data. Back up your most important files regularly, making three copies. Store them in at least two locations, with at least one on offline, physical media. It's also a good idea to check the integrity of your backup copies periodically. If you have adequate backups and you're attacked, you can erase all the data from the machine and restore it from the backup once the infection is removed.
5. Employ content scanning and filtering on your email servers. Scan inbound emails for known threats and block any attachments that could pose a threat.
6. Create a security plan for your business. Develop a schedule for installing security updates that doesn't interrupt productivity. Involve IT professionals in holding regular training sessions for staff. Put together an incident response plan so everyone knows what to do and who to notify in case of an attack.
If you've already experienced a ransomware attack
If you're struck by a ransomware attack, paying the ransom is not a good idea. It doesn't guarantee that access to your files will be restored, and it may make you a target for more malware attacks. Plus, you'll be financing criminal activity.
If you detect an attack, disconnect affected devices from the internet so they don't infect other machines. If you have backed-up data, clean the infection, then restore your data. If you don't have good backups, consult an IT professional who specializes in data recovery to find out what options you might have. Always report the crime to law enforcement.
Keep your guard up
California Bank & Trust stands ready as your financial resource to Help Protect You & Your Business. Explore our Privacy & Security center to learn more about schemes and challenges and how you can help protect your business from them.[cite::171::cite] [cite::172::cite]