Could your business be the next victim of a ransomware attack?

February 28, 2018

Ransomware is malicious software that infects a computer and displays a message demanding that a fee be paid before the system will work again. With critical data and systems at risk of being held hostage – sometimes for ransom of thousands or tens of thousands of dollars – it is critical to protect your business from ransomware attacks.

The important thing to understand if you want to protect your business from ransomware attacks is that ransomware does not just show up on a computer. The victim actually (unknowingly) initiates a download of malicious software to the computer.

How Ransomware Works

Cybercriminals are cunning in their methods. They are skilled at tricking people into clicking on a link or downloading a file that may look legitimate. Tricks cybercriminals use to try to initiate a ransomware attack include sending emails that appear to be from:

  • A mail carrier, like UPS or FedEx, stating that a package is being delivered to you and asking you to click on a link
  • Someone in your contact list – possibly even a co-worker – with a file attached
  • A vendor or service provider with an invoice attached
  • A banking institution, like PayPal, asking you to click on a link

Once users click on the malicious link or attachment, the ransomware encrypts their data, locking people out of their files. A screen will appear, threatening to prevent further access to the files unless a ransom is paid.

To make matters more complicated, an employee could open a malicious file without immediately knowing it. The malware will download and run in the background, but the computer lock and demand for ransom may not occur until days or weeks later. This makes it even harder for the victim to pinpoint what file or link could have triggered the ransomware. It’s also more difficult for the authorities to locate the criminals responsible. This is all the more reason to be proactive with efforts to protect your business from ransomware attacks.

3 Ways to Protect Your Business from Ransomware Attacks

There are three primary ways to protect your business from ransomware attacks:

  1. Back Up Files

The best defense against ransomware is to outwit attackers by not being vulnerable to ransomware threats in the first place. This means backing up important data daily. This way, even if the ransomware encrypts your computers and servers, you won’t be forced to pay to access your data again. It’s the first step to protect your business from ransomware attacks.

  2. Detection Software

To protect your business from ransomware attacks, it’s important to implement standard IT security measures. This could include technology to detect ransomware and other malware, and patching software security holes to prevent malicious software from infecting systems. However, keep in mind that no security product is infallible, and it is actually people who present the biggest risk factor when it comes to ransomware attacks.

  3. Employee Training

Users must perform an action to trigger a ransomware download. Therefore, employee training is critical to protect your business from ransomware attacks. At Atlas Professional Services, we provide our clients with training to help employees identify possible ransomware. Tips include:

  • Before clicking a link or opening a file, pause to ask yourself if it makes sense. If you get an email that appears to be from UPS but you’re not expecting a package, that should raise a red flag. Or if you receive an email that appears to be from someone in your contact list that you haven’t talked to in years and the message doesn’t really make sense, don’t open the attachment.
  • One way to identify a malicious email is to check the spelling of the sender’s email address. An email may come through to you looking like it’s from “UPS.” But if you click on the email address and it’s from “info@tups.com,” that should raise suspicion.
  • If you receive a suspicious email, contact your IT department – only forward them the email if they ask you to. Then delete the email permanently from your Inbox and Deleted items.
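The sender-address check in the second tip can also be automated as a mail-triage aid. The following is an added example, not part of the original article or any Atlas Professional Services tooling; the brand allow-list, function names and sample headers are assumptions constructed for illustration.

```python
import re
from email.utils import parseaddr

# Assumed allow-list for this example: brand word -> domains that brand really sends from.
KNOWN_BRANDS = {"ups": {"ups.com"}, "fedex": {"fedex.com"}, "paypal": {"paypal.com"}}
ALL_KNOWN = set().union(*KNOWN_BRANDS.values())
MAX_TYPO_DISTANCE = 1  # one inserted, dropped or substituted character

def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def sender_domain(address):
    """Last two labels of the address domain (simplification: ignores suffixes like co.uk)."""
    return ".".join(address.rsplit("@", 1)[-1].lower().split(".")[-2:])

def check_sender(from_header):
    """Return a list of (finding, detail) tuples for one From: header value."""
    display, address = parseaddr(from_header)
    if "@" not in address:
        return [("unparseable-sender", from_header)]
    domain = sender_domain(address)
    words = set(re.findall(r"[a-z0-9]+", display.lower()))
    findings = []
    for brand, domains in KNOWN_BRANDS.items():
        # Display name uses a brand word, but the address is not on that brand's domain.
        if brand in words and domain not in domains:
            findings.append(("display-name-mismatch", brand))
    if domain not in ALL_KNOWN:
        for good in sorted(ALL_KNOWN):
            # Domain is a near-miss of a known brand domain, e.g. tups.com vs ups.com.
            if edit_distance(domain, good) <= MAX_TYPO_DISTANCE:
                findings.append(("lookalike-domain", good))
    return findings

# Constructed sample headers, not taken from real mail.
SAMPLES = ["UPS <info@tups.com>", "UPS Tracking <noreply@ups.com>",
           "Accounts <billing@mail.paypa1.com>", "Jane Doe <jane@example.com>"]
if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_sender(header) or "no findings")
```

Short brand domains sit one character away from many legitimate domains, so findings from a check like this are best routed to a person for review rather than used to block mail automatically.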

Much of the ability to protect your business from ransomware attacks comes down to common sense, paying attention to details and thinking before acting.

If you’re concerned that there’s more you should be doing to protect your business from ransomware attacks, our team would be happy to talk. Contact us today to start the conversation.