Ransomware: The Do’s and Don’ts

Building an anti-ransomware strategy for your business? Here's some easy pointers on what to do (and not to do) when it comes to ransomware.

Ransomware may seem like a monster that, if it came knocking, could easily flatten your business. However, there are a number of easy tips and tricks that can insulate you from a ransomware attack.

What is Ransomware? A Quick Primer

Ransomware is a type of malware which encrypts your data, then demands a ransom. If you decide not to pay, your data is locked indefinitely, deleted, or something worse. It is universally agreed that the best strategy when it comes to ransomware is not getting your machines infected in the first place.

Ransomware demands can be anywhere between tens of dollars to hundreds of thousands. It hits everything from home users to big businesses. Because it is distributed digitally and often indiscriminately, everyone with a machine is at risk.

The Do’s

  • Restore impacted files from confirmed clean backups: When you’re hit with ransomware, you want to make sure to only restore from backups you know are clean and stable. This means keeping your backups clean from ransomware with a built in countermeasure (Like BackupAssist’s CryptoSafeGuard feature).
  • Use a reputable firewall and antivirus software: You want a multi-layered defense should your machines be targeted for a ransomware attack. A firewall and AV software will go a long way to slowing it down, if not stopping it in its tracks.
  • Use content scanning / filtering on your mail servers: One of the most common ransomware infection routes is through email. By denying ransomware this avenue, you’re going a long way to making your business ransomware-proof.
  • Keep your systems and software up-to-date and patched: A lot of businesses fall behind on patching their software. There’s a few reasons for this – patches mean things can break, they can be a pain to implement, or they could cost money through a subscription. But the end result is that unpatched software is specifically targeted by ransomware makers, so don’t give them this backdoor into your machines.
  • Train your employees to recognize the signs of phishing: Teach them to think twice before they click. It might feel like a uphill battle, but human error is something you need to account from. Teach them about the risk of virus-laden documents and suspicious emails.

The Don’t:

  • Pay the ransom: If you’re hit with ransomware, studies show your files will probably not be unlocked, or you’ll be hit again once you’ve paid. There’s also the wider social implication – by paying the ransom, the ransomware makers will be rewarded, and go on to attack others with your financial backing.
  • Provide your personal information when answering texts, instant messages, phone calls or emails: Not only could this be a phishing attempt (even if it comes from someone you recognize), this email could be used by someone trying to gain intel to perform a future attack.
  • Leave your internet connection active during a ransomware attack: You really want to do this during the early stage of the attack, because you might be able to stop the ransomware completing its encryption routine (by disrupting its connection to a Command and Control server).
  • Run backups when your system is infected with ransomware: The moment you suspect your systems are infected, stop backing up your data immediately. You don’t want ransomware to infect your backup destination!
  • Wait until a threat strikes to employ ransomware countermeasures: Prevention is the best cure when it comes to ransomware. A backup strategy is the first step on your list, followed by everything else.
  • Give yourself or others more login power than necessary: It’s nice to have lots of control if you need it, but it’s also a security risk. Don’t stay logged in to anywhere longer than you need to.
Share on email
Share on print
Share on facebook
Share on google
Share on twitter
Share on linkedin

Download

BackupAssist

Start your free 30-day trial today