With just one click, a ransomware infection can enter your entire network. This can lead to significant downtime, a total loss of service, data or both - and even a financial hit, if you choose to pay a ransom. But you can fight back.
What is ransomware?
You may well know the answer already, but understanding the threat is the first step to creating an effective response.
Ransomware is a type of malicious software that, when deployed, takes control of your systems and data. Once it has taken root, it will demand a ransom, threatening either to block your own access to your systems – in a Denial of Service (DoS) attack – or even to release your data online.
The approaches of the attack can vary, but a ransomware infection can mean:
- Temporary or permanent data loss
- Little or no access to systems and applications
- Disruption to your operations
- Financial loss in several ways
- Harm to your organisation’s reputation
What can I do to avoid a successful ransomware attack?
Avoiding an attack is difficult, and can never be 100% guaranteed. There are, however, a number of actions you can take to minimise the chances of a successful attack upon your IT. These measures include:
- Cyber Security Awareness Training: as we said in the introduction – “just one click” can lead to ransomware infiltrating your system. The majority of successful cyberattacks and data breaches involve some form of human error – this includes those unfortunate “one clicks”. With cyber security awareness training, your team will be far more capable of spotting a potential cyberattack, with the ability to identify deceptive tactics. See below an example of an important topic that such training would cover.
- Endpoint Detection and Response (EDR): this next-generation anti-virus solution utilises Artificial Intelligence (AI) and Machine Learning to protect you from the newest cyber threats – commonly referred to as zero-day attacks. It even offers rollback capabilities allowing your data to be restored quickly and easily following an attack. EDR is much more effective at protecting your business than traditional anti-virus solutions that can take days to update before being able to detect emerging threats.
- Backup and Disaster Recovery: With a secure and reliable backup of your data, should a ransomware attack strike your IT, you’ll be able to reverse much of the potential damage they can do. Whilst you can’t prevent a threat to publish your data, you can retrieve data or regain access to your systems and data that the ransomware had destroyed or removed.
Cyber security awareness training
Cyber security awareness training is truly one of the most important measures you can take to protect your business. As an example of the important cyber security topics that you and your team should be fully clued up on, we’ve put together a checklist for ensuring that an email is safe to be opened and interacted with.
Check emails carefully before opening. Consider whether:
- I know the sender of this email
- It makes sense that this was sent to me
- I can verify that the link or attached file is safe
- The email doesn’t threaten to close my accounts or cancel my cards if I don’t provide information
- When I hover over a link in the email and the email address itself, the URL matches what I expect
Some more practical ransomware prevention tips
To help prevent ransomware attacks from succeeding, we recommend the following practical measures and procedures:
- Patch every device: Updating your software and devices is one of the first steps you can take to better secure your systems. Cyber criminals regularly target vulnerabilities in out-of-date or unsupported operating systems such as Windows 7 or Windows Server 2008.
- Back up all critical files, often: If a file is vital to your business, you should be treating it with proportionate care – backing it up regularly – ideally off-site as on-site backups connected to your network can be vulnerable.
- Close popups: Any popups, particularly those asking you to update account information or install applications that you didn’t request should be closed.
- Stick to trusted sites: It’s best to stay within the websites you know and trust, and also you should be vigilant when it comes to scams. If you see a “you’re a winner” banner, steer clear.
- Pay attention to your antivirus: Heed all warnings from your antivirus and report any alerts to your support team.
- Use bookmarks: By bookmarking the pages you use frequently, and the pages you trust, you can better avoid fake websites that use misspellings of well-known brands – like “Gogle.com”.
National Cyber Security Centre (NCSC): The NCSC is the UK’s technical authority for cyber threats. It’s part of the Government Communications Headquarters (GCHQ) and provides advice and support for the public and private sector in how to avoid computer security threats. Click here for advice on mitigating malware and ransomware attacks.
How should I respond if an attack is successful?
It’s as simple as this:
If you think your device has been infected, you should immediately unplug your computer from the network and call your IT service provider.
How can Air IT help?
Firstly, if you do suffer at the hands of cybercriminals, we can help you to quickly respond to a ransomware attack. We’ll find the best response that minimises potential damage and downtime.
Air IT can offer all of the services and procedures mentioned above and, as part of our proactive managed IT support service, we can significantly reduce the likelihood of a successful cyberattack. We identify and deal with thousands of IT issues for our clients every month, and our Managed Cyber Security Services can decrease the overall IT support costs of your organisation by as much as 50%.
We’ll conduct 24/7 system monitoring and manage all the updates so that your applications have the patches they need to be secure.
If you’d like to find out more about what we offer, please don’t hesitate to get in touch.