Like it or not, ransomware is business. When business is booming for you, that’s when hackers and threat actors get to work and hope to catch you and your business at its most vulnerable. During major sales events such as the Easter Bank Holiday, Black Friday sales and Boxing Day sales there is a significant upsurge in virus infections and ransomware attacks.
Security researchers at ESET estimate that 93% of infections are spread by email. So, what do you need to do?
1. Forewarned is Forearmed
Simply letting your staff know that this is a vulnerable time may be enough. Having them spend a couple of weeks at a higher level of vigilance could get you through the vulnerable period. Stress to them that this is the time that need to be extra aware and ask them to take that extra second to think before clicking the email link. Double check that the supplier site they’re using is the genuine article and has an SSL padlock in the top corner. Is that USB stick you found in the car park truly safe?
Look out for your co-workers, if they’re looking confused have a look yourself. If you’re in any doubt, contact your IT support. Better to have a 2 minute conversation than a 2 day recovery process.
2. Ensure Your Anti-Virus is up to Date
Don’t ignore that pop up that tells you your anti-virus is out of date and make sure it’s renewed in good time. No anti-virus can stop a determined thief, but failing to keep it up to date is leaving the door unlocked for them.
3. Backup Regularly
Should the worst happen, the only guaranteed way of recovering your data is to restore from backup. It cannot be stressed enough that paying the ransom is no guarantee that you’ll recover your data. Worse than that, the money funds further criminal activity and lets the attacker know that this kind of thing is worth their time.
Consider your current backup regime, do backups occur regularly enough? How much data can you afford to lose? How much effort would it be to re-do everything you did since last backup? Now go to the accounts department and ask the same question. Now HR. Now the MD.
4. Minimise Access
By only allowing users access only to what they need you can drastically reduce the impact of an attack. By locking access to folders by department, you can stop data loss beyond a particular set of folders. If your users are allowed to install software, ask whether they really need to. Could a super user account be used for software installs instead? Measures such as this can stop an infection dead in its tracks.
5. Consider Advanced Measures
There are other technologies out there that can help stop these events before they have chance to take hold. Next generation firewalls can act as an extra line of defence, scanning traffic on its way in and out of the network. Network monitoring tools can look for patterns of behaviour, stop them and send out alerts to your IT teams.
Remember, when you’re at your most stretched you’re at your most vulnerable. Cover your technical bases and watch your co-worker’s backs.