In today’s interconnected world, many of the risks faced by businesses come through a digital network. Attacks come in many forms, but among the fastest-growing of them is the ransomware attack.
While ransomware has fallen in prevalence over the last few years (attackers increasingly use phishing as a go-to means of obtaining access to a network), it’s still a problem that businesses should be concerned with – especially given that the costs can be so disastrous.
The WannaCry ransomware, which was revealed to have infected more than 200,000 machines around the globe, cost an estimated $4 billion globally. While most ransomware attacks are smaller in scale, they can be just as consequential for the individual businesses affected.
What is Ransomware?
Let’s define what it is that we’re talking about. Ransomware is a malicious program that will lock your computer, or threaten to destroy your data, unless a ransom is paid. Programs of this kind tend to enter your network either through dodgy websites or through e-mail attachments. In both cases, some level of social engineering is used to persuade the person using the target machine that they need to take some action or other. Once they’re in, they can wreak havoc.
What can I do?
The thing that you must not do under any circumstances is pay the ransom. This is very rarely the solution, since there is nothing to prevent the attackers from simply taking your money and running. Having done this, they’ll use the money to develop another piece of ransomware and attack someone else.
The most effective actions you can take to protect yourself are preventative actions. Make sure that all of your data is comprehensively and regularly backed up. If you suffer an attack, this will be your means of avoiding having to pay the ransom. Just be sure that you have gotten rid of the ransomware entirely before you restore the backups.
Another critical step you can take is to educate your workforce on the threat being posed. As we’ve mentioned, social engineering provides an opportunity for viruses to find their way into your network. Educating workers about what they should be wary of might make the difference.
You might enlist the aid of technologically savvy lawyers before an attack takes place. This will give you a good chance of recovering from the problem, and covering yourself against data-protection liability.
Updating software will help to provide a digital bulwark against all forms of malware. This might mean the antivirus software installed on individual machines. This software relies on a continually updated database of virus definitions – little fragments of code which help to clue the machine in on what’s a virus and what isn’t. By keeping the software updated, you’re giving it the best chance of spotting a threat. This also applies to the operating system itself, which should be kept continually updated.