A Concern for Businesses: Avoid Being Caught By Ransom-ware
Late 2013 was the year when warnings about a sophisticated malware strain called Cryptolocker first surfaced, leading IT experts and organizations to issue guidance and advice on how to avoid and deal with this file-encrypting infection. This ‘Police Virus’ (as it has come to be known), encrypts files, promoting users to pay a fine to unlock and provide access to their personal computer and files.
Cryptolocker of course, was just one strain of ransomware to have affected businesses and consumers alike, although many strains (Cryptowall, CryptoDefense) exist that follow the same pattern.
To Prevent a Thing, One Must Understand It First
Ransom-ware is carried out by cyber-criminals and scammers, where they target and force businesses to pay them ransom in exchange for files and important information of the business that the scammers take hold of. The ransom-ware works in the following way: a malware is used to encrypt a business’s information and files on a system’s hard drive with the help of an unbreakable key. This is decrypted by the attacker only after the ransom has been paid.
Majority of these attacks occur through email and have increased in (the past year) in sophistication and have become both near to perfect in local languages and look to be more legitimate than previous attacks. Now that we know what ransom-ware is and how it’s carried out, let’s examine the preventive measures that can be taken against this menace.
Have a Full Backup Ready
Security experts reckon that having a good backup policy employed for all data and system backups is an incredible idea that many businesses don’t follow through with. In fact, this is the most common advice that can be taken when it comes to recovering from a ransom-ware attack.
Remember not to overwrite the backups with compromised data when creating the backups of information and data systems. This will hamper the ability to restore the information back when you want to.
Keep a Layered Approach
One cliché of modern infrastructure that most security experts swear by is having a layered approach when it comes to security. Repelling ransom-ware attacks however requires a slightly different approach, i.e. to protect from viruses such defenses must be in place that ensure complete prevention of viruses in the first place. Having a layered security approach in place, side by side with effective technologies such as anti-virus, firewalls, and web filtering tools are recommended by the experts.
Dealing with Criminals
Of course, the first and most important issue when dealing with ransom-ware is close dealings with cybercriminals as well. Many business owners fail to understand how big of a problem this. You see, even if you do end up paying the ‘fine’, there isn’t any guarantee that you will be provided with access to the data.. Cybercriminals, like other scammers, can return back to someone who has paid the price which means any payment made will only lock your business as a future target for attacks and scams.
Experts provide this advice to businesses that have become the victim of ransom-ware; before paying the attacker, consider how sensitive the stolen data is, your profile and the sophisticated nature of the attacker i.e. the virus used to steal the data. Low sophistication in communication equals to a low quality encryption, which can be broken through easily.