How To Defend Against Ransomware Attacks

Are you concerned about your business’s cyber security? Are you wondering what you can do to protect yourself from the increasing number of ransomware attacks?

Cyber-criminals are targeting small to medium businesses with cyber attacks more and more frequently, and it’s important to protect your assets. A ransomware attack can cause a major disruption to business activity — not to mention the risk of losing your valuable data — and attackers may charge a business owner up to $50,000 for the return of their files.

In this article, we’ll review the basics of ransomware attacks, what they are and how they can negatively impact your business, and we’ll offer 4 tips for protecting yourself.

What Are Ransomware Attacks?

Ransomware attacks are a type of cyber attack that will target a business’s or a user’s data and hold it hostage until a ransom is paid to unlock or de-encrypt it.

Ransomware attacks have been on the rise since the early 2010s, as the popularity of online cryptocurrencies has made it easier for perpetrators to collect untraceable ransom money. Noteworthy examples of ransomware in recent years include CryptoLocker in 2013, CryptoWall in 2014, and WannaCry in 2017.

How Do Ransomware Attacks Work?

Ransomware attacks will use malware, a type of malicious software, to gain access to your computer or network system. Typically, the malware is disguised or hidden inside a legitimate file program or application that the user is asked to download or open.

These disguised files, referred to as Trojan horses, are commonly sent via email attachments. There are other ways for malware to gain access to your computer, but the majority of malware attacks come from Trojan-type software.

Once the malware is downloaded onto your computer, it will likely spread to other devices on your local network. Then, the malware will either:

  1. Lock your system, so you cannot access your data, or
  2. Encrypt your file system, so you cannot read your data.

Ransomware attacks that simply lock your system may be reversible, if you have an experienced IT team to support you. However, these types of attacks are less common than the newer, encryption-based ransomware attacks.

Encryption-type attacks are more difficult to resolve after the fact, which is why it’s important to consider how to defend your business against them proactively.

4 Tips To Prevent A Ransomware Attack

The best way to defend against ransomware attacks is to act proactively, not reactively.

1. Scan Your Inbound Emails

The first line of defense for ransomware attacks, especially Trojan horses, will be your mail servers. Your mail servers should be actively scanning inbound emails and automatically filtering any spam emails or messages with attachments that could pose a threat to your network.

Most spam emails will be easy to identify, based on the type of language used in the message or the identity of the sender. Your standard email provider, like Gmail, Yahoo, or Outlook, will automatically filter these types of messages into a spam folder. More advanced email security solutions can spot more subtle risks by also scanning for malicious code in attachments.

While your mail servers are your first line of defense, they should not be your only defense. Basic email services will not be able to detect attached viruses and even the more advanced security solutions may have flaws that cyber-attackers will be able to exploit. Make sure you have other forms of protection for your business’s data.

2. Use Antivirus Software and a Firewall

When looking to defend against a ransomware attack, a reliable antivirus software and a properly configured firewall are important ways to protect yourself.

Antivirus programs must be able to scan all files being downloaded before those files are saved, while firewalls must be optimized to provide protection from malicious network traffic.

To reduce vulnerabilities, make sure that your antivirus software is regularly updated to stay current with the latest threats and hire a professional to configure your firewall.

Remember not to rely solely on these systems! Malware is constantly evolving and newer forms of malware may be able to trick antivirus software and avoid detection.

Always employ additional methods of protection against ransomware.

3. Update Your Software and Systems

One of the biggest risks for ransomware attacks is out-of-date and unpatched software.

For example, the recent WannaCry ransomware attack took advantage of an exploit in Server Message Block (SMB) protocol running on Windows which didn’t have the latest security updates installed.

While the exploit in Windows had been patched by Microsoft prior to the cyber attack, the ransomware victims were targeted because they had not yet updated their software. Had they properly updated the software, the victims would have been safe from the attack—instead, more than 200,000 computers were infected around the world.

Make sure you are diligent with your software and system updates, so you don’t become a future victim of a cyber attack.

4. Back Up Your Data

If you’re wondering about the best way to ensure your business can recover from a ransomware  attack, the answer is simple—back up your data.

While data backups won’t prevent a cyber attack from happening, they will help your business to recover after an attack. It is important to start doing regular backups proactively.

With proper backups, the threat of your data being taken hostage is countered. You can simply restore your encrypted data at a later time, after the malware has been removed and your system is properly restored by a professional.

Regularly backing up your data is the fastest and most reliable way to allow you to regain access to your files, in the case of a ransomware attack.

At Megawire, we provide data backup for small to medium businesses and assist with disaster recovery after a cyber attack, as part of our suite of managed IT services for businesses

Contact us today to learn more about protecting your business from ransomware attacks.

Leave a Comment

Graphic representation of network virtualization and virtualized network servicesNetwork monitoring on computer screens in a data centre