How to Protect Your Business from Ransomware

March 19, 2017

Cyber criminals saw a lot of success with ransomware in 2016, making it almost inevitable that they will continue to use this attack method in 2017. Ransomware grew by 80% in 2016, attacking IoT-enabled devices. McAfee predicts ransomware will peak in the middle of 2017.

Businesses are increasingly being targeted, mainly because they represent deeper pockets. So it is vital to understand what ransomware is, how much of a threat it is, and how to combat this security concern.

What is Ransomware?

The term ransomware was coined because this type of invasion literally holds your data and/or website hostage while demanding a ransom to release it. The good news is that generally the information is not stolen, although that is not always the case. The bad news is that just as in regular hostage situations, there is no guarantee that once the ransom is paid the “hostage” will be released unharmed.

How Much of a Threat is Ransomware?

According to a report by Symantec, from January 2015 to April 2016 more than half of the ransomware attacks were on consumers, with only 43% hitting organizations. The majority of the attacks on organizations targeted the service industry, with hospitals getting hit hard. Total reported cases of ransomware went on to grow 80% through 2016, according to McAfee. It is wise for everyone to consider ransomware a serious threat.

How to Combat Ransomware

As already noted, dealing with ransomware after infection is tricky. The best way to combat the risk is to prevent it from happening in the first place. Here are a few tips for improving your odds.

• Back Up System and Data. Regular backups should be separate from the computer and network, such as on an external drive or to a backup service. Restoring an infected system to an earlier date can be effective, so be sure to do system backups as well as data backups.

• Safeguard Emails. A common access point is through emails, so having a quality gateway mail scanner can go a long way toward protecting your company. Train your employees not to open .EXE or .ZIP files unless they are certain of their origin and security.

• Software Updates. Keep your software, including POS systems, updated regularly, as many software developers are working diligently to add ransomware blocking features and reduce vulnerabilities.

• Cyber Security Suite. Be sure to have the best cyber security suite possible, particularly one that focuses on malware and ransomware.

How to Handle an Attack

There is still no hard and fast rule on whether or not to pay the ransom if you face an attack. The FBI is recommending that you pay it, but most security experts advise against it. If you pay, will they honor their side of the bargain? If you don’t, will they do something to your data? The best thing to do is notify the incident response team for your security suite so they can help with remediation and restoration.