Ransomware – a new form of malware – is becoming an increased threat for businesses of every size. Ransomware is a version of malware that targets and encrypts a company’s data and a ransom is demanded from the cyber criminals in order to obtain the decryption key to unlock our business files. When ransom agreements are reached, users are given specific instructions on how to pay the fees in bitcoins. They can range from a few hundred dollars to thousands of dollars. Once the ransom is paid, however, the business has no assurance that they will actually receive the decryption key in order to access their data. Most experts agree that you should never pay the ransom.
With companies and businesses being at high risk for ransomware attacks, there are certain steps employers and employees can take to prevent ransomware from infiltrating your company’s network. These steps are simple, easily enforced, and can ultimately save your business from much more drastic consequences caused by ransomware.
1. Be aware of email links, and how to avoid fraudulent ones
Phishing scams can often look authentic and be easy to fall for if you aren’t paying attention. With cybercriminals becoming more and more advanced, fake email messages are becoming difficult to identify, often using another company’s logo and branding to look legitimate, yet they are the leading cause of hacks and scams such as ransomware. Employees must be aware that if an email or pop-up message is received, it is best to avoid clicking on them until they are identified as being legitimate. If in fact a link does look legitimate, check to make sure the URL it sends you to matches the URL with which you’re familiar. Hackers frequently redirect URLs to harmful sites.
In addition to clicking on email links, always be cautious about opening files attached to emails from individuals you do not know or do business with. These may be described as an “overdue invoice” or a “request for bid” and will contain an attachment that, when clicked, releases ransomware onto your network. If you do not know the sender, do not let your “curiosity” get the better of you. Assume it is ransomware and delete it without opening the attachment.
2. Set strong spam filters on emails
In addition to identifying suspicious emails, it would also benefit your employees to set filters on their emails in order to limit the amount of spam received. While this may be a simple step, it certainly helps hacks and scams from reaching employees.
3. Make sure all devices within a business are updated
When devices are automatically set to update and run regular scans, this allows systems to better operate. Not only does it keep things functioning, it prevents the possibility of a weakened system being breached by ransomware and other forms of malware.
4. Implement Software Restriction Policies
When SRP is implemented, it prevents programs from executing common ransomware locations, like folders that support popular Internet browsers or things such as AppData and LocalAppData folders.
5. Have a Data Recovery and Backup Plan for Critical Information
In order to lessen the impact of malware threats, businesses should perform regular backups so that data can be restored in the unfortunate event of a ransomware attack.
If you would like Wheelhouse Solutions to conduct a network evaluation and determine your company’s risk of malware infection and cyberhacking, fill out the form on this page and someone will get back with you to schedule an appointment.