Ransomware – don’t put your business at risk
17th June 2016
Although ransomware has been around for decades, cyber criminals are becoming more sophisticated and recently there has been an increase in attacks against businesses.
What is ransomware?
Ransomware is malicious software which blocks access to your computer, files, browser or program until you pay a ransom. Ransomware arrives as an infected attachment in an email. The email would look important or legitimate. However, when you open the attachment your computer becomes infected, malware then attempts to spread out to your contacts and the virus locks all your files until you pay a ransom. You may have heard of the ransomware, Cryptolocker which appeared in 2013. The Trojan would encrypt files and threaten to delete them unless a £200 ransom was paid. The price of recovery would increase to approximately £2000 after 10 days! Cybercrime is big business.
Businesses are increasingly being targeted due to the value of their files, and the likelihood that they’ll pay up should they fall victim to an attack. The most sophisticated ransomware can encrypt and restrict access to servers, potentially bringing your entire business to a halt for days on end.
Are you at risk?
Yes! Ransomware is constantly evolving to avoid detection and to exploit software vulnerabilities. This recent article suggested that out-of-date applications are putting over three million servers at risk, with thousands of servers already affected.
Particularly at risk are businesses who:
- Use aging or out of date equipment
- Don’t keep regular back ups
- Don’t have a disaster recovery plan
- Are using unsupported software
What can you do to protect your business?
There’s a number of steps you can take to reduce the risk to your business, including:
Keeping software up to date. Avoid out of date software (Ninite Pro), and software no longer supported such as Windows XP, Server 2003, Apple Quicktime. Keep your operating system up-to-date with the latest security patches (Labtech).
Making sure your staff are aware of the risk. Share information on ransomware with your employees, and exercise caution when downloading files and opening email attachments.
Ensure you have back ups. Plus, take care that your backups aren’t vulnerable to a ransomware attack. Perform regular backups (Altaro), with an offsite copy (PC Comms Offsite).
Dig out the bug spray. Ensure all devices have an up-to-date Anti-virus (ESET) and Anti-malware solution (Malwarebytes).
First line of defence. Use a Firewall with Intrusion Protection (Meraki), monitor and lock down access to your network.
Review security privileges. Users that are set up as an administrator can pose a greater risk, consider tightening permissions and make it harder for ransomware to infect you.
Worried about ransomware?
Get in touch for a no-obligation review of your systems.