Ransomware hit the headlines in the summer of 2017 when thousands of users in 16 health services across the UK were locked out of their PCs by a piece of software that demanded money to restore functionality.
Far from being a rare occurrence, malware such as this has been striking companies up and down the country since the early nineties. Ransomware is particularly prevalent because in short, it works. Companies are so desperate to continue working, they often resort to paying the money. This, in turn, gives hackers more incentive to create and distribute more malware of this nature.
Let’s look at some preventative measures you can take to avoid a ransomware attack in the first place:
Companies will always review their backup strategies after an attack, but you should be doing this regularly to minimise the impact of a potential attack. Full, offsite backups held on a separate system that run each day and are tested regularly can mitigate the damage done by any kind of malware that spreads throughout a network.
Train your staff
Most malware is distributed by fooling users into clicking a link that they shouldn’t.This technique is called ‘phishing’ and no matter how computer savvy your team may be, they can still be tricked by legitimate-looking emails. Training your staff how to spot bogus e-mails, links, and files, can reduce the risk of ransomware striking your business.
One of the main reasons that the NHS malware attack spread so widely was the use of old systems with out-of-date software. Although it can seem onerous to continually pay for the latest software or to develop upgrades to your organisation’s bespoke tools, it pales into comparison to the financial and reputational cost of not being able to function for days on end.
A good anti-virus architecture on your network can give you unobtrusive protection and some peace of mind. These systems can spot threats before they reach you and can halt the spread of a malicious file before it damages your entire network.
But what if the worst happens? How do you cope?
Well, the first thing is to take a breath and react calmly. Do not pay any ransom and advise your staff not to either. If you have a disaster recovery plan, now is the time to put that into action. If you don’t have one, make a mental note to put one together in case there’s a next time.
Let your IT specialists do their job. They can determine what type of attack it is and the best course of action to resolve it. With a solid backup process, the problem is likely to be quickly resolved and the damage will be minimal.
If you feel your organisation might need help with the measures outlined here such as managed disaster recovery solutions, desktop PC support, IT security, or data backup solutions, please get in touch with us today.