This year marked the largest, most damaging, and most publicized ransomware outbreak we’ve ever seen. WannaCry infected tens of thousands of systems all over the world, from the NHS to a major Spanish telecommunications firm. The worst part?
WannaCry isn’t going to be the last attack of its kind – far from it.
Ransomware has been steadily growing more damaging, more complex, and more recurrent in the business world. Attacks targeting businesses tripled last year, and in Q1 2017, 60% of malware payloads were ransomware. What’s more, according to Kaspersky, an organization is targeted by a ransomware attack at least once every forty seconds.
Given these numbers, it should be clearer than ever that you need to take measures to defend your business: to minimize the threat that ransomware poses to your data, and to ensure you’ll be able to recover swiftly should it strike. Here’s how you can do just that.
Maintain Secure Backups
The best way to defeat ransomware bar none? Backups. If you maintain frequently-updated, offsite backups which contain both critical data and system images, you can respond to a ransomware attack by air-gapping the infected systems, wiping them, and restoring them from those backups.
Of course, criminals are aware of this fact – and plenty of ransomware attacks specifically target backups as well. That’s why you should maintain multiple backups, using both cloud services and physical drives. And make absolutely certain that wherever you’re backing things up, you’ve isolated that location from your network.
Keep Everything Up To Date
WannaCry exploited a common vulnerability in older Windows systems. Although Microsoft has since released an emergency patch that fixes it, there’s an important lesson to be learned here. You need to make certain to apply every single security update that’s available.
Otherwise, you might end up being the target of the next WannaCry.
Actively Monitor Your Systems
A proactive approach to cybersecurity is one of the best defenses at your disposal. Run regular antivirus scans, and ensure you have automated monitoring systems in place to detect any suspicious network activity. The more information you’re able to gather about the goings-on of your system – and the better you understand that information – the more effectively you’ll be able to react if you’re a target.
Educate Your Staff On Good Security Hygiene
While system vulnerabilities are an immensely popular delivery medium for malicious software like ransomware, the greatest threat facing your organization is the ignorance of its workers. You need to host regular training sessions that teach staff how to recognize when they’re being targeted by a social engineering attack such as a phishing email. Show them how to engage in safe practices online, both within the workplace and without.
Respond Quickly, Efficiently, and Effectively
Last but certainly not least, if you even suspect that you may have been targeted by ransomware, respond immediately. Don’t wait to see what happens, and don’t leave infected systems connected to your network. More importantly, never pay the ransom.
That just incentivizes future attacks – and there’s no guarantee they’ll even restore your data if you pay.