In 2017, ransomware attacks increased by 90 percent, making it the most prevalent variety of malware. Every organization should be thinking about ransomware protection and detection – because proper security is always more prudent than the costs of a ransom or lost time and data.
Ransomware is changing and evolving – and so are network security offerings. Here are a few things you need to know to protect your business against a ransomware attack.
What does ransomware look like in 2018?
Raising awareness of the risk of clicking suspicious email links has helped curb ransomware attacks, but hackers are getting more creative with their attack methods. Their code is getting more complicated and less predictable. Here are a few ways ransomware has evolved:
- Slow + Random Encryption
Ransomware creators have slowed and/or the encryption process so that it doesn’t follow the typical patterns that anti-malware software are designed to notice.
- PDF + JPEG files
Although malicious links sent via email are still the most popular way to send ransomware, some creators have sent infected PDFs, documents or images that launch a script when opened.
- Fewer code mistakes
Ransomware authors are getting better at their craft, which means researchers can’t use their mistakes to determine the decryption keys.
- Complicated code
Some ransomware attacks can launch multiple encryption processes to speed up the entire attack. We are also seeing more polymorphic code that changes throughout the attack to prevent decryption.
How to protect your data from ransomware
Since ransomware captures your data, your first security step should be implementing a backup and recovery plan. Schedule regular test backups to lessen the impact of a data breach and help in the recovery process. You’ll also want to keep critical backups off your network in case your network itself gets attacked by ransomware.
Modern businesses create a massive amount of data, so creating a reliable backup is difficult – unless you turn to cloud storage. The cloud is a low-cost and simple option to store your large critical backups. When set up correctly, you an alleviate privacy concerns often associated with the cloud. Set up your data storage with object stores, but make sure to block cloud service providers (CSPs) from accessing that data. Creating the backup and storing it – all while the data is encrypted – will help keep your data secure.
A critical component of your data security plan is ransomware protection software. Systems like Veriato RansomSafe detect ransomware attacks, shut them down, and recover your files. RansomSafe installs and configures in less than 10 minutes, saving your business time and money. It’s continuously updated so it immediately detects attacks and creates a current backup before any data is encrypted. In the first 3 months of 2016 alone, ransomware attacks costs were $209 million. The right security software can protect you from attacks, and minimize your recovery time to help keep you efficient.
Besides implementing a solid data security plan, there are a couple other things you can do to protect your business from ransomware attacks.
Though email is no longer the only way hackers launch ransomware attacks, it is still the most common method. Make sure your employees know not to click on suspicious links or attachments from senders that seem suspicious or that they don’t recognize. Showing examples and explaining why this caution is necessary can help your employees feel responsible and engaged in security measures.
Have your emergency contacts ready
Ransomware attacks are prevalent and the chances that you’ll be targeted are unfortunately high. Know how to quickly engage your business’s security software partners. Have instructions for network users ready to go. That way if you are attacked, you can immediately react and minimize damage.
Ransomware attacks should be a concern for every business. To protect your data, set up a solid data security plan that involves encrypted cloud storage and quality ransomware protection software. Educate your employees and be aware of threat possibilities. Ransomware creators are getting smarter about their attacks. It’s time for you to get smarter about your defense.
Insider Risk – How Prepared Are You?
Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.