Ransomware is one of the most serious security threats small businesses are facing today. It can cripple your company’s systems and lead to loss of money or, worse, loss of critical data.
Over the past few years, ransomware attacks have spiked and are expected to remain a significant threat in future. Symantec’s recent report reveals that the company’s systems blocked over 319,000 ransomware infections in the first six months of 2017.
This article brings together what you need to know to stay safe from this threat.
What is Ransomware?
Ransomware is a dangerous malware that locks you out of your computer or encrypts your files, rendering them unusable. The malware is deployed by hackers who demand a ransom, with the promise that once paid in full, you will get a key that will decrypt your files.
While ransomware might exhibit characteristics of a virus, it is not a virus. Viruses only infect your software and files. They can replicate and spread to other parts of your computer, but ransomware scrambles your files and immediately sends you a notification demanding that you pay to recover them.
The major similarity is that they can both be removed by the use of an antivirus. However, chances of recovering your data and files are minimal if encrypted by the malware.
Types of Ransomware
This malware comes in different shapes and sizes, meaning it has varying degrees of attack on your computer. Some are more dangerous than others, but have one thing in common; the ransom.
- Crypto malware or WannaCry is the most common and was deployed in May 2017 by the WannaCry cryptoworm. It can do a lot of damage to your files and extorted more than $50,000 from its victims.
- Scareware is a fake software that attacks your computer and claims to have found issues in its operating system. It then demands money to fix the problem. The software can keep flooding your screen with alerts and pop-ups or completely lock you off.
- Doxware or leakware demands money or else it will publish your stolen information online.
- Lockers infect the operating system on your computer, locking you out and making it hard for you to access any apps or files.
- RaaS (Ransomware as a service) is hosted by a hacker anonymously, remotely distributing the malware, collecting the payments and managing the decryptors. They do these for a cut of the ransom.
Who is at risk to Ransomware?
Any company, individual or organization which depends on critical access to online programs and files can be a victim.
This means banks, police departments, hospitals airlines, small business, and many more. It can affect all computers running on any operating system.
How to protect your companies systems:
1. Backup your files regularly
Backing up your files is an essential first step to take, and it is recommended that you create multiple copies of data. Ian McClarty from PhoenixNAP advises “You should have a cloud backup and also a backup on physical device such as on thumb drive, hard drive.”
You can go ahead and put measures on the backed up files once they are saved. The backup copy should only have read/write permissions, without any opportunity of deleting or modifying the files. The copy will also come in handy if you accidentally delete or remove some critical files.
2. Install firewall protection
Ensure that all software and hardware are protected by firewalls and software that scans for worms in the environment. Such software can as well protect you against harmful attachments and unwanted attacks.
3. Set up access procedures
You should consider setting up protocols for accessing company data. In most cases, access should be privileged and limited to a few people within the organization. For instance, have the system administrator roles designated to a limited number of employees.
The employees should also not share login credentials. When an employee leaves the organization, you should immediately take away and change their passwords.
4. Beware of viruses masquerading as virus protection
Do proper research to understand the best virus protection software and purchase reputable brands only. Always be aware of the pop-up virus protection software that notifies you that they have detected a virus.
If you do not know the brand of the virus protection software, ignore it. That virus notification might be a virus in itself. Only consider using a robust antivirus program that can protect your system from malware and prevent any viruses from infiltrating your computer.
5. Beware of Cybercriminals
Most cybercriminals distribute fake emails that look as good as genuine email messages from reputable firms. They may mimic email notifications from banks or a reputable online store.
Clicking on the link introduces your computer to the malware.
This method is called to as phishing. The best way would be to fine-tune antispam settings on all company machines. Furthermore, you shouldn’t open attachments that are suspicious or are from unknown sources.
6. Enable ‘show file extensions’ option
This can be done with the windows settings and will make it easier for you to identify potentially malicious files. Trojans are programs; therefore you should be wary of extensions like ‘’vbs’’, ‘’exe’’, and ‘’src.’’
Scammers could also embed malicious files in photos, videos or documents. Beware of extensions such as hot-chics.avi.exe or doc.scr.
7. Update Your Software Systems Regularly
It is best practice to keep a regular update on all your programs, antivirus, operating system and browser. Systems that aren’t regularly updated will become more vulnerable to exploitation by hackers.
8. Trust no one online
When it comes to keeping your company’s crucial files and programs secure, do not trust everyone. At times even your friends or colleagues could send you a malicious link on social media.
9. Do not pay the ransom
If your files are already encrypted by malware, do not promptly pay the ransom demanded unless the malware has infected very critical files. Remember, paying the money only serves to fuel the illegal business of cybercrime.
If your machine is infected already, you could try and find out the name of the malware. Older versions can be easier to remove. It is also responsible collaborating with the police or cybersecurity experts.
In conclusion, stay up to date on latest threats
Staying informed about cybercrime would save your company from losing valuable files and throw you into a crisis. In most cases, most people who comply and pay up ransoms demanded by cybercriminals do so because they do not have an alternative.
The point to note is that older versions of this malware is less efficient and can be removed from your computer without having to pay up. Ensure your system is backed up regularly, preferably have cloud backup and proper brands of antivirus programs installed.
Thanks for taking the time to read this post and sincerely hope it was found helpful and enjoyable! Please feel free to leave thoughts down below in the comments and don’t forget to subscribe to Bane Tech on YouTube, Google+, Facebook, Twitter & Instagram!