Ransomware is a big deal. It locks you out of your data, negatively affects your business continuity and in the case of HIPAA-bound entities creates a reportable event that can open you up to further investigation by HHS. A ransomware attack at the "right time"
Why why not pay the ransom if your data is encrypted? Because it's become more and more frequent for payment to be made and the data NOT be encrypted. Since payment generally has to be made in the form of Bitcoin - which is untraceable - the ransomware issuers don't really have to send a decryption key and it's becoming more common that they don't. Most people only consider paying in the event that data loss is catastrophic so this is a doubly crippling situation.
The best defense against ransomware is to be proactive in your protection measures. Here are our top recommendations to protect yourself against having to even consider paying a ransom:
- If you have a file server, make sure it's being backed up at least nightly and be sure that all files are a part of that backup.
- If you have files on local computers, make sure those files are being backed up as well. There are cloud solutions that backup in real-time that would allow almost instantaneous recovery of local files.
- Institute a strong SPAM filter. Most ransomware attacks are initiated from outside of the country and by blocking email coming from those countries you can avoid a lot of problems.
- Education is key! Educate all employees to never open attachments in emails from unknown sources and to question strange emails from known sources.
- Antivirus is not as effective as it is for other types of attacks but some advanced packages are now able to use heuristics to detect behaviors and stop a ransomware attack from happening. This is only mildly successful but every bit of protection can help!
- Keep your systems updated! Most current ransomware implementations exploit the human element but that doesn't mean that future incarnations will not exploit technical vulnerabilities. Patch, patch, patch!
A proactive, layered approach is always the best practice when it comes to cyber security. Investing in the right systems before an attack can make all of the difference in how quickly and effectively your business can recover when an attack happens!
If you have any questions on ransomware, cyber security or how NeoCloud Consulting helps protect our clients from ransomware and other threats, contact us today!