Your business has been infected by Ransomware, now what?

Ransomware: it’s scary, it’s growing fast, its big business and no business or employee is immune from a potential attack.

In a nut shell, ransomware drops an encrypted wall between a business and the internal data and applications that the business needs to operate. But these attacks can be far more serious than simply the inaccessibility of data. If you’re not prepared, then your business could grind to a halt.

How to prepare and recover from infection

Currently, there is no sure-fire way to ensure your organisation’s safety from ransomware. But there are some vital steps you can take as a business to drastically reduce the chances of infection and ease the pain if you do fall victim to attack.

  1. Prepare – Most importantly for ransomware is developing a robust backup strategy and making regular backups of the data that’s important to you, once your files are encrypted, your only viable option is to restore the backup, pay the ransom or lose the data. A tiered or distributed backup solution that keeps several copies of backup files in different locations and on different media is good practise. You can’t be held to ransom for data you hold somewhere else! Stay on top of system updates and software patches as soon as they become available; some ransomware gains control by exploiting vulnerabilities in operating systems, web browsers, browser plug ins or applications. Typically, on systems where updates haven’t been installed. Deploying these patches is the most effective way of preventing systems from being compromised.
  2. Prevent – User education is a powerful yet frequently overlooked weapon in your fight against ransomware. Train users to recognise social engineering techniques, avoid clickbait, and never open an attachment from someone they don’t know. Attachments from people they know should be viewed and opened with caution. Email attachments are the number one risk for infection, drive-by downloads are number two, and malicious links in email are number three. Humans play a significant factor in getting infected with ransomware. Its good practise to ensure users aren’t able to install software on their devices without authorisation of an administrator. You should also use a security appliance or service to monitor your outgoing web browsing traffic and filter attempted connections.
  3. Protect – At least 85% of malware threats can be avoided by best practise. For SMBs that still rely on individual PC antivirus for security, moving to a managed endpoint security solution can centralise security for the whole organisation, taking full control of these measures and increasing protection. Take a look at the permissions you have in place on a shared network drive regularly. This will prevent the spreading of ransomware to mapped and unmapped drives.
  4. Don’t Pay – If you haven’t prepared for and protected yourself against ransomware and you get infected, then it’s no doubt tempting to pay the ransom. However, paying can be risky as there’s no guarantee you’ll get your files back unencrypted and there’s no guarantee that the ransomware will be removed from your machine. In addition, paying could actually make you a future target.
  5. Stay Productive – If the damage caused by ransomware is all about disruption to your business, you could increase your business continuity by moving to the cloud. The level of protection and overall security you get from the cloud is far greater as Cloud providers have malware scanning, enhanced authentication, and numerous other protections that make the odds of them suffering from a ransomware attack very low. You are able to move all or part of your servers to the cloud.

The key thing here is that a ‘wait-and-see’ approach is not the best tactic.

Remember:

  1. Create regular backups
  2. Train employees to avoid infection
  3. Install regular updates and patching
  4. Limit administrator privileges
  5. Purchase comprehensive antivirus and antimalware software

If you are still using Windows XP – you are no longer supported or protected by Microsoft security updates and you are more vulnerable to malicious software and outside threats. Now is the time to switch to Windows 7 or 10. Contact us at Smart to upgrade your Operating System with minimal disruption.

For further information and advice, give Smart a call on 01242 580654. We can offer extensive protection through Smart Protect and Backup and Email Filtering through Smart Cloud. Together we can help you stay protected.