If you’ve watched action movies or TV shows, you would have heard about ransoms. In the cybersecurity world, “ransomware” is the same idea. Basically, a cybercriminal hacks into a company’s system and holds its data hostage until they pay a ransom. This tactic often works because data is hugely important to businesses, and they don’t want to lose it and start over.
To learn how to boost a business’ cybersecurity and what to do in a ransomware attack, we turned to the experts at ESET.
The rise of ransomware
Ransomware is nothing new, but there’s been an increase in corporate ransomware attacks since the pandemic. During the various lockdowns, people moved their personal lives online and businesses quickly digitised their operations so their employees could work remotely. In a nutshell, we all spent more time online, which presented the perfect opportunity for cybercriminals to strike. Plus, the pandemic caused a lot of stress and uncertainty, and ransomware attacks tend to prey on emotions like that to get you to act on the demand.
For companies with robust cybersecurity measures in place, supply chain attacks became a concern. This is when a cybercriminal finds the weakest link in a supply chain, and uses that to hack into the rest of the “links” in the chain. So, if a third-party partner or vendor had little to no cybersecurity, that could be a weakness waiting to be exploited. Think out-of-date banking systems, insecure sites, and cloud platforms that let in unauthorised users.
For all these reasons, we’ve seen more ransomware attacks in 2020, 2021 and 2022 than we have in previous years. But luckily, there are a few ways to protect your business — and its data — from falling victim to ransomware.
How to prevent ransomware in 7 steps
Work through this checklist to put up the best defence against ransomware and find out what to do if you get ransomware.
- Map out an emergency response plan
Being proactive is the key to avoiding ransomware attacks. But before we dive into ways to do that, let’s talk about an emergency response strategy.
Unfortunately, there isn’t a lot you can do if you are targeted in a ransomware attack. The biggest decision you’ll need to make is whether to pay the ransom or not, which means weighing how much your data is worth to you. That being said, there’s no guarantee the cybercriminal will restore your data or that they won’t target you again, so just make the best decision you can with the information you have.
Then, it’s time to focus on data recovery. Alert your IT department or representative about the attack, and try to find the source of the ransomware. Malicious links or email attachments are usually the culprit. If you do find the source, ask the user if they’ve opened any other suspicious emails or links, and stop using the infected device. Finally, notify your employees about the breach, set up cybersecurity training (if necessary) and depending on the severity of the attack, consider telling the clients whose data was affected.
- Set up specific email filters
Most email platforms automatically filter out spam, but this isn’t always foolproof. Since most ransomware is delivered by spam or phishing emails, it’s a good idea to manually set up email filters that scan all content for viruses and malware. If your filters flag a suspicious email, don’t open it. Instead, alert your IT professionals so they can investigate.
- Implement multi-factor authentication (MFA)
This means employees will need to enter their username, password and one more piece of additional information — usually a code sent to their phone or email — before they can log into the system. Along with making it harder for hackers to do their job, MFA helps you to meet compliance requirements and prevent devastating data breaches.
- Encrypt your company files
Ideally, all of your data should be end-to-end encrypted, with access limited to the people who need that information to do their jobs. The good news is, most computers and phones have built-in operating systems (OS) that fully encrypt stored data and prevent unauthorised users from accessing it. Just make sure you stay on top of software updates to keep this feature current. If your devices don’t offer encryption, it’s well worth looking into a separate, cloud-based system to do this.
- Consider a whitelisting program
As the name suggests, this is the opposite of blacklisting: only apps that you approve will be able to run on company devices. You can restrict apps and platforms that aren’t secure, which is especially handy if you have employees working from home and potentially using their computers or smartphones for personal purposes.
- Back up files regularly
Back up your files so you can bounce back quickly if you fall victim to a ransomware attack or you lose data because of a server crash. Ideally, you’d always have two encrypted backups: one on an external hard drive, and a digital backup on the cloud.
- Invest in a good antivirus anti-ransomware software
The best ransomware protection for businesses, ESET Protect Complete and ESET Protect Advanced offer a multilayered defence against a range of cyber threats, including ransomware. They strengthen WiFi networks and webcams, make it easy to set up MFA and safeguard cloud email, collaboration and storage systems (like Google Drive). They have remote management capabilities so you can control your company’s cybersecurity from afar.
These premium software programs also scan attachments and images for viruses and offer endpoint protection. This encrypts your data across wireless devices, which is essential if you’re working remotely or communicating across devices.
Keep your company safe with ESET
Ransomware is trending, so it’s important to put protections in place sooner rather than later to avoid falling victim to an attack. Head to ESET’s website to learn more about their anti-ransomware solutions.