Ransomware attacks have become a common cybersecurity threat that organizations have to defend themselves against. Those that fail can lose access to critical data and be pressured into paying a ransom to regain it. That’s bad news for all organizations, but especially for SMBs with limited budgets, considering that the average ransomware payment rose 33 percent to $111,605.
To make matters worse, cybercriminals have been taking advantage of the turbulent situation caused by the ongoing COVID-19 pandemic, targeting employees who have recently found themselves in remote working situations. Fortunately, there are several things any organization can do to protect its employees against ransomware.
1. Regularly Back Up Important Data
Ransomware attacks are so effective and frightening because organizations can’t afford to lose their data. That’s why backups are a core part of any effective defense against them. Employees need to understand that it’s important to always maintain at least one extra copy of important files and to store it in a different location. Cloud backup services are great for this because they are cost-effective, easy to deploy, and familiar to most employees.
2. Control User Access
Small organizations where everyone knows everyone else often hand out administrator privileges like candy on Halloween. That’s a huge no-no because it greatly increases the risk of attackers gaining access to critical systems and sensitive data. Instead, organizations should be giving users the minimum privileges needed to do their jobs and raising them only when absolutely necessary.
3. Use Email Spam Filtering
Ransomware attacks typically start with spam messages because they make it possible for cybercriminals to target thousands of unsuspecting victims with minimal effort. While some spam messages are carefully crafted to target a specific victim and thus difficult to catch, most can be blocked using an email spam filter. Such filters are available from many different vendors, and they serve as an excellent first line of defense against ransomware.
4. Teach Employees About Cybersecurity
One of the most important things any organization can do to protect its employees against ransomware is to teach them about cybersecurity. Employees should at least fundamentally understand the threats they’re facing and know how strong passwords, timely patching, regular backups, cautious web browsing/emailing, and other best practices help protect against them.
5. Simulate Phishing Attacks
Employee training should combine theory with practice through simulated phishing attacks. Such simulations serve two different but equally important purposes. First, they provide valuable feedback about the effectiveness of employee training. Second, they give employees a chance to experience lifelike threats without suffering real consequences.
6. Keep Software Up to Date
Cybercriminals are constantly trying to exploit software vulnerabilities to distribute ransomware. Businesses need to understand the importance of timely patching and avoid having outdated software on devices they use for work. Patching is especially important when it comes to security software because over 350,000 new malicious programs and potentially unwanted applications are registered every day.
7. Monitor User Activity
User activity monitoring software is highly effective at stopping insider threats, whether unintentional or malicious. It can be used to detect risky behavior that could open the door to a ransomware attack, and it’s also indispensable for pinpointing the origin of an attack so the weakness that made it possible can be fixed.
8. Disable Commonly Exploited Features
There are a number of features commonly exploited by ransomware creators that most employees don’t need, at least not on a regular basis. Such features include Microsoft Office macros, Remote Desktop, and AutoRun, to give three examples. Disabling these features won’t negatively impact employee productivity, but it will go a long way in keeping ransomware at bay.
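As an added example (not part of the original post), the PowerShell script below audits the three settings named above on a Windows workstation and reports which are still in their weak state, with an optional `-Remediate` switch that sets the hardened value. It assumes Office 2016/365 (registry path `16.0`) and an elevated session for the HKLM keys; the registry locations themselves are the standard policy keys for these features.

```powershell
# Added example: audit (and optionally disable) Office macros, Remote Desktop and AutoRun.
# Assumptions: Office 2016/365 registry path (16.0); run from an elevated PowerShell session
# so the HKLM keys can be read and written.
param([switch]$Remediate)

# Each check: where the setting lives, its value name, and the value that disables the feature.
# VBAWarnings 4 = disable all macros without notification; fDenyTSConnections 1 = RDP off;
# NoDriveTypeAutoRun 255 (0xFF) = AutoRun disabled on every drive type.
$checks = @(
    @{ Feature = 'Office macros (Word)';  Path = 'HKCU:\Software\Policies\Microsoft\Office\16.0\Word\Security';  Name = 'VBAWarnings';        Hardened = 4 },
    @{ Feature = 'Office macros (Excel)'; Path = 'HKCU:\Software\Policies\Microsoft\Office\16.0\Excel\Security'; Name = 'VBAWarnings';        Hardened = 4 },
    @{ Feature = 'Remote Desktop';        Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server';        Name = 'fDenyTSConnections'; Hardened = 1 },
    @{ Feature = 'AutoRun (all drives)';  Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Name = 'NoDriveTypeAutoRun'; Hardened = 255 }
)

function Get-FeatureState {
    param($Check)
    # A missing value means the OS/Office default applies; for macros and AutoRun that default
    # is the weak state (macros run after a prompt, AutoRun enabled for removable media).
    $current = Get-ItemProperty -Path $Check.Path -Name $Check.Name -ErrorAction SilentlyContinue
    $value = if ($null -ne $current) { $current.($Check.Name) } else { $null }
    [pscustomobject]@{
        Feature  = $Check.Feature
        Current  = if ($null -eq $value) { '(not set - default applies)' } else { $value }
        Hardened = ($value -eq $Check.Hardened)
    }
}

function Set-FeatureDisabled {
    param($Check)
    # Policy keys often do not exist until a GPO or script creates them.
    if (-not (Test-Path $Check.Path)) { New-Item -Path $Check.Path -Force | Out-Null }
    Set-ItemProperty -Path $Check.Path -Name $Check.Name -Value $Check.Hardened -Type DWord
}

$results = foreach ($check in $checks) {
    $state = Get-FeatureState $check
    if ($Remediate -and -not $state.Hardened) {
        Set-FeatureDisabled $check
        $state = Get-FeatureState $check   # re-read so the report reflects the new value
    }
    $state
}
$results | Format-Table -AutoSize
```

Run it without `-Remediate` first to see the current state; the HKCU macro keys apply to the user running the script, so deploy them via Group Policy for organization-wide coverage.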
9. Don’t Pay the Ransom
Don’t pay the ransom without speaking to legal counsel and your insurance company first. Insurance companies will sometimes pay the ransom for you as a remediation step or hire negotiators to handle the payment. The best course of action is not to pay immediately, but to turn infected machines off right away and contact legal counsel. If the infected machine is a server, contact an information security professional immediately before taking any action.
The onslaught of ransomware attacks that has been making headlines for years now won’t slow down anytime soon, at least not until organizations learn how to protect their employees. Aligned Technology Solutions can help you strengthen your defenses so that you can focus on your business and avoid wasting valuable time on problems you’re not equipped to solve. Get in touch now for more information.