Internet Safety For Business, Home.
That is the question. Paying the ransom is a bad practice for several reasons. There is no guarantee that you’ll get the decryption key on payment. Cybercriminals do not have the key that decrypts the data. Ransomware is now readily available on the black market, so many take leaked sources of ransomware, modify the payment information. They never had the key in the first place, but criminals lie.
The ransomware is not your only problem. If paying the ransom is your only option, then it’s a certainty that you have plans in place to restore your business. No disaster recovery plan means, that you won't recover fully from the attack, a known fact.
This means more potential data lock-ups, costly breaches and other cyber disasters leading to loss of confidence in your business, staff leaving, spreading rumours, customers going elsewhere. Getting the decryption key will not solve all of your problems.
If you pay the ransom, you will be perpetuating a vicious cycle. The ransom will be reinvested by cybercriminals in producing other ransomware tools that will become an even bigger problem in the future for your organisation and others. If there’s no profit to be made, cybercriminals will not put more money into developing ransomware.
Prevention is truly worth a pound of ransomware cure. Prepare your company for the inevitability of cyberattacks— ransomware or otherwise— and you won’t have to face the difficult decision about whether or not to take money out of your budget to recover from an attack.
Now that we’ ve told you what not to do, let’s take a look at what you should do to prevent ransomware and mitigate the effects of an attack.
Here are 10 simple tips to protect yourself from ransomware.
The only way to ensure that you can immediately handle a ransomware attack is to implement a regular backup schedule so that your company can get access to the files it needs without dealing with the cybercriminals. Your backup should have certain restrictions, such as read/write permissions without an opportunity to modify or delete the files.
There are times when something can damage your files. Be sure to check regularly that your backups are in good shape.
Cybercriminals often distribute fake email messages that look like an official message from a vendor or bank, luring a user to click on a malicious link and download malware. Never open attachments from an unknown sender or even suspicious attachments from a friend in case they have been hacked.
Or rather, trust but verify. Malicious links can be sent by your friends or your colleagues whose accounts have been hacked. Let employees know that if they receive something out of the ordinary from a friend, they should call that person directly to verify that they sent it and find out if their accounts have been compromised.
This will make it much easier to distinguish potentially malicious files. Because Trojans are programs, employees should be warned to stay away from file extensions like “exe”, “vbs” and “scr.” Scammers could use several extensions to masquerade a malicious file as a video, photo, or a document.
Cybercriminals tend to exploit vulnerabilities in software to compromise systems. Automated Vulnerability Assessment and Patch Management tools, you are assured that your system will be scanned and that patches will be distributed regularly to keep your system updated.
No, it's not a sex programme but use protection. Modern robust antivirus program to protect your system from ransomware. Most products employ a multi-layered system of defence that checks malware from many different angles keeping you safe
But if ransomware hits...
If you discover ransomware, shut off your internet connection right away. If the ransomware did not manage to erase the encryption key from the computers in question, then there is still a chance you can restore your files.
If your files become encrypted, we do not recommend paying the ransom unless instant access to some of your files is critical. Each payment made helps the criminals to prosper and thrive to go on to build new strains of ransomware.
If you are hit by ransomware, try to find out the name of the malware. Older versions of ransomware used to be less advanced, so if it is an earlier version, you may be able to restore the files. Moreover, cybersecurity experts, collaborate with law enforcement to provide file restoration tools online and, hopefully, detain the adversaries. Some victims can decrypt the files without having to pay the ransom.
Because phishing emails are usually the starting point for many ransomware attacks, Anti-phishing technology uses a multi-layered approach to protect against infiltration. First, it checks sites with the product’s local anti-phishing databases on the user’s device. Next, it checks URLs of sites against own vast, continually updated database of phishing sites.
When a new malicious URL is detected on the computer, information about this threat is made available from the cloud database within 15-30 seconds of detection. Finally, heuristic analysis is an intelligence system that looks at dozens of phishing symptoms and compares it with other indications, classifying them based on known modern phishers’ methods.