Ransomware: What You Need to Know to Secure Your Data Today

Each year, major cyber security companies and other industry experts release their predictions for the year ahead. These predictions include what attacks they expect to see most frequently, as well as trends in security improvements. One of the threats that almost all of the experts believe will have a growing impact in 2016 is ransomware. What is it? What can you do if you are victimized? Better yet, how can you prevent becoming a target in the first place? Here are your answers.

What Ransomware Is

Ransomware happens when an attacker unleashes malware into a business’s or individual’s computer system(s) and threatens to enable the malware if the business or person doesn’t pay a ransom. Ransom demands can vary from a few hundred dollars to thousands of dollars. The attacker may threaten any number of actions if the victim fails to pay: deleting their data, corrupting their data, or releasing their data on the Internet. This is what happened to Ashley Madison in 2015.

How to Handle a Ransomware Incident in Progress

Experts and law enforcement agencies agree that victims should never pay a ransom. First, there is no guarantee that the attacker won’t activate the ransomware even if they do pay. Secondly, once the payment is received, it isn’t uncommon for the attackers to demand even more. Thirdly, successful ransoms encourage the attackers to keep doing what they’re doing.

How to Prevent and Protect Against a Ransomware Attack

As is always the case, preventing an attack is far, far better than trying to deal with one that’s already happened. The first and foremost protection against ransomware is to have excellent backups in place. However, you need to hang on to backups for as long as possible, because it can be some time before the malware behind a ransomware attack is detected. You will need to have a copy of your backups dating before the malware was introduced to the system.

Next, you need up to date malware protection, antivirus software, and spyware prevention software. This should be supported by a strong next-generation firewall. Be sure the firewall protection is also updated regularly.

Another excellent preventative measure is good employee training. Malware infections that support a ransomware attack come through the same ways that any cyber attack usually does—by accessing unsafe websites, opening dangerous emails, or following links to spoof sites. Make sure users are aware of how to identify phishing scams, how to identify nefarious websites, and what types of sites to avoid. Online gambling sites, porn sites, and music and video downloads are among the most dangerous online activities.

Better yet, you can store your sensitive and critical data with a reputable cloud service provider. Cloud vendors are in the cyber security business, even if that isn’t part of their name. Their whole business depends on securing their customers’ data, and they’re usually better at it than the business is. Bigstep can help.