Ransomware isn’t just affecting small businesses. Large enterprise organizations are constantly being targeted by hackers. A 2016 study by Malwarebytes found that 40% of companies were attacked by Ransomware. Some of the more notable businesses hit recently by WannaCry include FedEx, Nissan, Hitachi, Renault, and the NHS. While Ransomware may not be 100% avoidable, there are protections you should have in place to minimize risk (Psst…check out the bottom of the post for a little something extra on phishing emails).
Here are the top 6 Ransomware prevention tips:
- Back up your files regularly and check those backups. Ransomware is successful because people end up paying the ransom. In most cases, these businesses don’t have a backup copy of their files and it would cost more to recreate them. However, simply backing up your files isn’t enough. You must test your backups to make sure all of your important files are being backed up.
- Train your staff on phishing emails with simulated test emails. What’s the best way to know who needs phishing email training? Send them a simulated phishing email. This type of training program will provide a list of employees who clicked on the email. From there, you can require phishing email training for those who clicked and for your entire organization.
- Patch vulnerabilities in your operating system. This seems like a gimme, but surprisingly, there’s a long list of companies who forget to do just that. Large organizations must constantly install the latest updates, especially since they have so many points of entry.
- Select the option to show file extensions in Windows. With extensions visible, everyone can see a file’s real type, which makes it easier to tell whether a file is suspicious. You’ll need to train your employees to stay away from specific file types like “.scr,” “.exe” and “.vbs.”
- Implement a multi-layer security approach. There’s an abundance of tools out there to help you keep your organization safe and prevent cyber threats. We recommend using Microsoft Enterprise Mobility & Security.
If you don’t have any of the protections in place, there’s a real chance you’ll get hit by Ransomware. While the above tips minimize risk substantially, it’s still possible to get hacked.
Here’s what you need to do if you’ve been hacked by Ransomware:
- Shut down the infected devices immediately to prevent the attack from spreading.
- Call law enforcement agencies like the Department of Homeland Security to report the cyber-attack.
- Get the backup of the encrypted files.
- Change all passwords associated with the breach.
- Determine whether or not you should pay the ransom to get the encrypted files back.
Should you pay the ransom?
Unfortunately, this isn’t something someone else can decide for you. However, it is not recommended to pay the hackers. If you’re having trouble deciding, ask yourself these questions: