Protecting your business from Ransomware

Are you ready for Ransomware?

You will all of heard of the WannaCry Ransomware attack that recently effected the NHS computer systems. WannaCry wasn’t particularly sophisticated, it disrupted things for a day or two, but no data was lost. The NHS were running systems with older versions of Windows, which had they been patched against it, they wouldn’t have been affected at all.

Ransomware is a type of malicious (called malware) software designed to block access to critical system data until a sum of money is paid, typically by encrypting data. Ransomware is an attack that prevents computer users from accessing business data and applications.

 

It's not new – but it’s a growing problem, current cyber security trends show that Ransomware attacks have moved from individuals to business. It's just part of cyber threats currently effecting business today. Backing up your data effectively is a key element in the defence of Ransomware and should be part of your security strategy and disaster recovery plan (that is having a procedure in place to restore data or applications/systems in the event of a security breach, power failure or flood).

 

There are three types of Ransomware:

 

  • Low-Level: Scamware: fake antivirus tools pretending to detect malware issues which they will demand payment to fix them, but user access or computer data are not effected.

 

  • Mid-Level: Browser blocking – messages claiming to be law enforcement agencies, claiming they have detected illegal activity on your PC for which you need to pay a fine.

 

  • High-Level: Pop up messages to say your data files are encrypted and demand ransom money to be paid by a deadline.

 

There is no silver bullet to manage cyber security, but it’s not rocket science. As with all risks, nothing is 100%, but the best chance of protection is to have a security plan in place and it should be treated the same as you would any other risk, like fire or health and safety. There was a recent attack attempted at a local bus company, they have a cloud backup solution so they were able to locate the infected files, remove them, and restore all relevant information from the backup. The company was operational again within minutes, and no ransom was paid.

 

It’s worth considering the following to keep Ransomware and other threats, from harming your key information systems:

 

  • Patch your systems and keep servers and business applications up to date (this will reduce vulnerabilities in software which could lead to holes in security).

  • Educate users against Ransomware (and other security) threats by teaching users how to detect fake emails, suspicious websites and other scams by being alert to social engineering.

  • Back up data and have a disaster recovery plan in place.

  • Layered security - invest in multiple layers of cyber security protection which can block Ransomware attacks before they happen. Such as web and email security software.

  • Data is safer in the cloud or on servers, rather than being stored locally, on laptops or desktop PCs.

We consider user education and engagement as key element of any security approach, the vast amount of threats come from the inside, usually user error (common issues, sharing passwords, opening attachments etc).so if you can reduce that, it will make a great deal of difference. 


 

Please call us on 01993 623 010 or e–mail sales@whitehelm.com to find out how your company could benefit from an effective Ransomware solution.