7 Steps to Protect Your Business Against a Ransomware Attack

Anush Gasparyan
Website Performance Optimization
Aug 22, 2017

original here: http://www.monitis.com/blog/7-steps-to-protect-your-business-against-a-ransomware-attack/

The recent WannaCry ransomware virus, which impacted 200,000 victims and infected more than 300,000 computers around the world, sadly illustrates the growing global threat of cyber crime. Once the bane of the occasional lone, unsuspecting victim, ransomware has now escalated to become a problem for major companies and national networks. The follow-up Petya virus in June wasn’t as widespread but was in many ways much more dangerous.

The bubonic plague of all computer viruses, ransomware works by infecting a system, usually through email or web popups, and then takes control and demands a ransom ranging from $300–600 USD. The most recent attack targeted a vulnerability in the Microsoft Windows operating system.

Ransomware is a serious matter: it can cripple an entire company and make its victims feel entirely helpless. The strategy operates on the fear that unless you pay a ransom, your data will be wiped out. The stakes are high, but playing the cyber-thieves' game is no guarantee either, and many a victim has paid the ransom only to have their data eliminated altogether.

Fortunately, there are ways to protect yourself and your business against ransomware. Read on for 7 strategies for beating the bad guys at their own game.

1. Upgrade to Most Recent OS

The recent WannaCry virus exploited a vulnerability in all pre-Windows 10 operating systems. While Microsoft released a patch in March of 2017, many impacted users had not installed the patch by the time the virus was released two months later. This shows the absolute necessity of frequent upgrades and of keeping company operating systems as current as possible.

2. Enable Latest Patch Updates

While there’s no substitute for using the most current operating system, the next best thing is to install the latest patches. The wisest strategy here is to enable Microsoft to automatically update your computer so that these fixes are installed for you.

In cases where your version of Windows is no longer supported, you can go to the Microsoft website and download the patches you need to protect your computers based on the version of Windows you have.

3. Backup Files Remotely Every Day

The best guarantee against losing company or personal data is backing up your files remotely every day. Backup storage in the cloud is extremely popular today, but any backup strategy should also include redundancy, and that includes offline storage as well.

Offline storage is an important measure for ensuring that your data is far from the fire, flood, tornado, or leaky pipe causing havoc at your office. Keeping data in offsite storage is also the absolute best way to avoid losing any information if hit by a ransomware attack.
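
One way to check the policy in this step (a backup every day, redundant copies, one of them offline), added here as an illustration and not taken from the original article. The log format, the target names and the 24-hour limit on the offline copy are assumptions, and the sample log is constructed.

```python
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(hours=24)  # "every day"; applying it to offline copies too is an assumption

# Constructed sample job log, hypothetical format: <finished UTC> <target> <remote|offline> <OK|FAILED>
SAMPLE_LOG = """\
2017-08-20T02:05:00Z cloud-bucket remote OK
2017-08-21T02:04:00Z cloud-bucket remote FAILED
2017-08-21T02:30:00Z offsite-nas remote OK
2017-08-14T18:00:00Z usb-rotation offline OK
"""

def last_success(log_text):
    """Map each target seen in the log to (kind, newest successful run or None)."""
    latest = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # ignore malformed lines
        stamp, name, kind, status = parts
        best = latest.get(name, (kind, None))[1]
        if status == "OK":
            when = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
            if best is None or when > best:
                best = when
        latest[name] = (kind, best)
    return latest

def audit(log_text, now):
    """Return policy findings; an empty list means every check passed."""
    findings, current = [], []
    for name, (kind, when) in sorted(last_success(log_text).items()):
        if when is None:
            findings.append(f"{name}: no successful backup on record")
        elif now - when > MAX_AGE:
            findings.append(f"{name}: last good backup {(now - when).total_seconds() / 3600:.0f} h ago")
        else:
            current.append(kind)
    for kind in ("remote", "offline"):
        if kind not in current:
            findings.append(f"no current {kind} backup")
    if len(current) < 2:
        findings.append("fewer than two current copies (no redundancy)")
    return findings

if __name__ == "__main__":
    now = datetime(2017, 8, 21, 9, 0, tzinfo=timezone.utc)  # constructed "current time"
    for finding in audit(SAMPLE_LOG, now):
        print(finding)
```

A job that only ever failed still shows up as a finding, because targets are tracked from every log line and not just from the successful ones.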

4. Avoid Suspicious Email Attachments

A common infiltration point for ransomware is spam or fake emails that purport to be from legitimate corporations, banks, or other institutions. Never click hyperlinks in suspicious or unverified emails, especially ones requesting information or payments.

Keep in mind as well that legitimate institutions that offer payment options will always have HTTPS websites equipped with an SSL certificate. Implementing desktop and network firewalls and anti-spam email software also will reduce the likelihood of these kinds of attacks.

5. Firm Up Your Anti-Virus Protection

Businesses and individuals alike must have robust protection programs in place that not only fight cyber-attacks but also notify you when there is a threat to your computer. These programs include firewalls, anti-virus programs, and other protective software. Names such as ESET, Malwarebytes, and McAfee are some of the top brands that will alert you if malware is trying to encrypt your files and tell you what actions are being taken to stop it.

6. Mind Security Tips Using Public Wi-Fi

Another common entry point for ransomware viruses is unsecured or poorly protected Wi-Fi networks. If you’re on a public network, it is important to check your security settings to be sure you are not set to public.

If possible, it’s best to use a virtual private network (VPN) and avoid public networks altogether. While no guarantee against ransomware, a VPN will at least reduce the risk of you being a target.

7. Implement a Disaster Recovery Strategy

It’s important for any business to have a DRP, or disaster recovery procedure, in place. This is a documented process or set of procedures to recover and protect a business’s IT infrastructure in the event of a disaster. Like insurance, you always want to make sure you have it when you need it.

The worst-case scenario would be one where a ransomware attack cripples a business for good. Statistics, in fact, show 60% of businesses that experience any kind of “data disaster” close shop within 6 months of the event.
