Recent ransomware attacks highlight how appealing and lucrative these raids are to hackers.
Ransomware is malicious software that installs itself on the computers on your network and encrypts all the files, making them inaccessible to your staff.
On payment of the ransom, you typically receive a key consisting of a string of letters and numbers that cause the ransomware to unencrypt your files.
What should companies do to minimize the risk of becoming victims of ransomware attacks?
Never click on a pop-up that claims your computer has a virus
Such a pop-up is always a hoax.
Clicking on the pop-up will definitely install malware on your computer.
Always use anti-virus software
Never operate a computer without anti-virus software. When your anti-virus software encounters a virus, it will display a dialogue box.
|More advice on running your business|
|Read our series on Closing the Deal|
You can start by installing one of these free software packages reviewed by PC Magazine. These products are free for an initial period and then want you to pay for continued use and updates.
Some websites appear to offer free anti-virus software but actually install ransomware on your computer. You can recognize unsavoury websites by their unusual domain names on the address line of your web browser.
In any case, update your anti-virus software often. Most anti-virus software has an auto-update feature. When a dialogue box illustrates the auto-update feature in action, don’t turn it off.
As an extra precaution, scan your computers for viruses regularly.
Don’t click on links or attachments in emails
Especially if sent to you by someone you don’t know. Even if you recognize the sender, be cautious because their email address may have been hacked and used as a way to send an avalanche of spam.
You can confirm a risky link by gliding the mouse over the link. You’ll notice that the grey URL text in the box is different from the blue URL text in the email. That difference tells you this email came from someone masquerading as someone else. It takes only one careless click for a bad guy to install ransomware on your computer.
The same caution applies to email attachments. Double-clicking an attachment from an unknown sender is risky. One double-click is all that’s required to install ransomware on your computer.
Turn on your browser’s pop-up blocking feature
The dialogue box illustrates the result when pop-up blocking is active. Always leave websites when your software displays a problem like this.
Never download anti-virus software from a web page pop-up or link sent to you in an email. Clicking on the pop-up will almost certainly result in malware being installed on your computer.
Backup data regularly
Confirm backups are running by checking the dialogue box. Secure your backups by storing them offsite.
Run a test restore from a backup to a test server at least once a year to confirm that the restore and the backup processes are working correctly.
Panicked about the cost to reduce cyber attacks? by Yogi Schulz
Successful cyberattacks can lead to the demise of your organization
Don’t install two anti-virus software packages
Installing two anti-virus software packages, thinking they will complement each other, doesn’t work and wastes money. The two anti-virus software packages will:
- require considerable processing power that will slow your computers;
- both claim the other software package is a source of viruses or malware and display distracting messages.
How to respond to a ransom request
If you’ve received a ransom request, consider your actions carefully. You will need to:
- judge the likelihood of actually receiving the unencrypting key and recovering your data even if you pay the ransom; most ransomware scammers will provide the unencrypting key after payment to maintain their reputation;
- confirm you have a reasonably current backup of your data;
- judge if you can successfully install the backup of your data as an alternative to paying the ransom;
- estimate the elapsed time, at least several hours, required to copy data from that backup and determine if you can afford this amount of downtime;
- estimate how much time will be required to actually make the payment in bitcoins because you likely have never paid for anything in bitcoins;
- develop a way to remove the ransomware from your computers to prevent a repeat request for a ransom from the same ransomware.
It’s helpful to contact the Canadian Anti-Fraud Centre at 1-888-495-8501 to report your ransom incident. The centre’s website also contains valuable information to strengthen your defences against all types of fraud. If you have been a victim of fraud, contact your local police force.
Yogi Schulz has over 40 years of information technology experience in various industries. Yogi works extensively in the petroleum industry. He manages projects that arise from changes in business requirements, the need to leverage technology opportunities, and mergers. His specialties include IT strategy, web strategy and project management.
© Troy Media
Troy Media is an editorial content provider to media outlets and its own hosted community news outlets across Canada.