Targeting Ransomware: What You Need to Know

September 24, 2019 4:39 PM

Businesses and individuals throughout the world have found themselves falling victim to a malicious form of malware called ransomware. Attacks follow a normal progression of mistakes, most often through poor email practices. By opening and clicking on links that can execute code, victims open the door to vulnerabilities that can end up with their data and computers becoming hostage to the demands of criminal hackers.

Infections can also occur through browsing the web and clicking on fraudulent add links. There are many types, all having the common theme of demanding payment in return for unlocking your frozen, encrypted data with key codes. These demands, if not met, will usually incur an increase of the ransom. If you miss another deadline, hackers threaten to completely lock the system down and permanently destroy data. Here are three things you can do to avoid a ransomware attack.

Build a Preventative Approach

Image via Flickr by Schill

Effective preventative measures reduce the chances of infection. The chief among these is anti-malware software. A good program will update often, will run in real-time, scanning documents for threats as it opens them. By incorporating a firewall, these programs are essential to maintaining security with online activities and commerce.

Build a Good Awareness Training Program

For businesses, employees are most often the catalyst for infection. All it takes is innocently clicking a link or responding to a suspicious email to initiate a chain of events that can cripple operations, resulting in costly downtime. For individuals, the same holds true. Awareness of how and why infections can occur is crucial.

Email can be particularly risky and employees should be able to identify the warning signs of phishing schemes. Everyone should configure programs to filter spam.  Any suspicious email is best deleted, and it is unwise to respond to offers from unknown parties that sound too good to be true.

When browsing, it is best to stay on whitelist domains and sites already verified through the anti-malware software. Use sites that have credible threat prevention and detection for secure transactions.

Train employees to implement an effective recovery plan. They should keep recovery details as hardbound copies that are easily accessible in the event of a cyber- attack. Exercises to practice restoring data from backups is a good idea.

Conduct Backups and Updates

Whether you have a business network an or individual computer, backups are essential. Backup data daily and on several cloud servers if possible. An additional backup on an external hard drive is advisable. Access to previous backups is essential to restore data when executing a recovery plan.

Keep in mind, all software can develop security flaws. Developers frequently provide updates that can repair these flaws. Update all programs often to enable the anti-malware software to work its best to provide the security needed to protect your network. If you are a victim of an attack, report it to law enforcement and use the recovery plan. Outside professional services are available if the situation mandates more expertise. The best solution is to avoid