Ransomware is malicious software – malware – that encrypts data and / or IT systems. It effectively holds your data to ransom and generally means you can’t access it again until you have paid a sum of money (sometimes quite substantial) to the attacker. Ransomware attacks are becoming more frequent, and more sophisticated, but luckily so is our understanding of how to protect our data from such attacks. What steps can you take to reduce the threat of ransomware?
- Beware of what you phish for
Many ransomware attacks start life as links or attachments in phishing emails. The golden rule here is to always be careful what you’re clicking on. If you don’t know the sender of an email, or the address doesn’t look familiar or even legitimate, don’t click anything! It’s well worth investing in some training on how to spot potential malware and what to do it if strikes – take a look at this course offered by Bob’s Business, for example.
- Filter out the bad stuff
Email filters are very good at holding on to suspicious looking email whilst still letting the good ones through. They capture and quarantine spam messages using markers they expect to see in unwanted mail. The odd legitimate email may end up there too, probably because it had a similar profile or wording usually used in spam messages. If you use Outlook, you will be familiar with the Junk folder and it’s worth taking a look in there every now and again to make sure there’s nothing lurking that you actually want!
Email filters also look for malicious code which can be contained in documents, executable files and zip files. The filters scan such attachments before they’re opened or even allowed into your inbox. Definitely worth checking how filter-savvy your email client is.
- Be cyber-savvy
In the first half of 2019, there were 6.4 million ransomware attacks in the UK alone. The ICO reported that 4 out of every 5 cyber-attacks or security breaches occurred as a direct result of human error. Rather than risk having your data or system held to ransom, it would be far more cost effective to train people in cyber security, raise their awareness of what it is, how to be safe online and what safeguards to take. At the same time, you can make sure your data is being handled safely and in line with the GDPR and ISO guidelines. There are many courses available, including this GCHQ-approved course by Bob’s Business. Malware is constantly changing and becoming more sophisticated, so it’s a good idea to keep up-to-date.
- Bite back at malware
As well as using antivirus software, we would recommend always installing an extra defence layer in the form of anti-malware scanning software. These sit in the background of your computer, detecting malware before safely removing it and repairing any harm that it may have caused to the computer. There are various options available, some paid and some free, and definitely worth investigating.
- Be secure with your backups
We can’t stress how important it is to securely back up your data. The more frequently you perform secure backups, the greater the chance you’ll have of recovering an almost real-time version of your data, vital in the event of a cyber-attack. How many businesses can afford to not protect their primary, unique asset, namely their customers’ and their own data. As an example of what secure backup could mean to your business, take a look at the solutions offered by Asigra.
You really can’t be too careful when it comes to ransomware. It can be incredibly destructive for any size of business. But implement our five points above and you instantly reduce the risk whilst improving the resilience of your organisation – and your peace of mind.
