The evolution of ransomware, dating back as far as 1989, has snowballed along with the development of technology to become a very profitable business for hackers. It is easier than traditional hacking, more efficient and allows them to cash in quickly and with minimal complications. Attackers can breach a vulnerable system through a back door and encrypt its data, which effectively shuts out users and prevents them from accessing any records or documents. A message demanding money then appears on the screen, a time limit is set and a countdown begins. The element of time implants a sense of urgency in the victim, compelling him/her to pay the ransom as quickly as possible. All this can be done from the comfort of a hacker's lair far away and almost impossible to track.
The reason why attackers are so successful in breaching electronic devices is because of the perceived distance people put between themselves and the possibility of such a breach ever happening to them. The belief that a ransomware attack is far-fetched is the very reason why ransomware is so lucrative. Putting your guard down is the vulnerability that hackers are waiting for. Below is a list of best practices that can help you protect and secure yourself effectively:
-
Back up important data
A hard lesson that many organizations learn after a ransomware attack is the importance of backing up their data and taking the necessary precautionary steps in securing their systems. Safety measures such as offline backups are often neglected, resulting in breaches that could have been avoidable. Money, time and effort is then wasted on repairs and compensation and the company's productivity plummets. Having offline backups of all the data that an organization runs on is an essential practice. In this way, in the event of an attack the company can continue to function with minimal losses.
-
Update your software periodically
Outdated software creates vulnerabilities in an organization's system leaving it open and exposed to attack. Most software providers distribute newer updated versions of their products periodically. Software and system updates not only introduce better features but they also patch up any holes and back doors, effectively shutting out potential attackers. It protects the company by destroying any opportunities that hackers may have of breaching the system.
-
Disconnect
The seconds immediately after a ransomware attack hits determine the fate of the organization. The infected computer or device must be immediately shut down and disconnected from any attached wireless and hardware devices. Disconnecting as quickly as possible cuts off the malware and prevents it from infecting the rest of the company's devices. It also gives the incident response team an opportunity to assess the damages done to the organization's equipment. A precautionary measure that will also minimize damage is the physical separation of one network from the other. Doing this will protect other devices from the ransomware and limit the infected computers to the ones sharing the same network.
-
Train employees in cyber security awareness
This is important with regard to all forms of cyber breaches. Threat litigation and management is an essential aspect of employee training. How your team responds to the incident will determine the extent of the damage done to the organization. It is important that employees are trained in incident response so that they are able to react quickly and in an orderly manner to ensure that the spread of panic and damage is minimal.