Ransomware: How preventing it is better for your business than a cure
THE rate at which businesses have been embracing technology has had a significantly positive effect on responsiveness and adaptability. Such a gift, however, does not come without its caveats.
Tech-dependent enterprises are not only vulnerable to catastrophic malfunctions, but they are now also easy targets for hackers who use their know-how to breach databases and steal data. Such data losses can end up costing an average of US$36,000 per event for a small company.
But perhaps one of the most worrying trends is the rebirth of ransomware, especially in corporate circles.
According to McAfee, ransomware has come back from a hiatus, returning in full force in the first quarter of 2015. Ransomware, as the name suggests, acts on corporate systems by “kidnapping” data and demanding payment from the victim for its return. Unluckier victims often end up with their data still locked even after they pay.
Data isn’t usually taken from one’s device or premises. Rather, it is encrypted on one’s computer and can only be accessed when the attacker gives the key.
— Capgemini (@Capgemini) August 7, 2016
Unfortunately, it’s impossible to arm oneself against these attacks. Once you’ve been breached, the damage is done. Being able to restore data from a recent backup is one possible solution. But without that, you’re at the mercy of the attacker.
The best way to stop ransomware from being a threat is to prevent it from ever reaching you. For a typical business, this means implementing protocols and guidelines that provide a holistic means of prevention and protection.
- Scrutinize network traffic. This also includes establishing a protocol of extreme scrutiny for files exchanged across the external network. You will also need to discourage employees from downloading apps and digital media that does not belong to the company.
- Keep security software, operating systems, and services up to date at all times. This prevents attackers from exploiting old vulnerabilities or zero-day (unpatched) vulnerabilities that would have otherwise been fixed by the software developer.
In February 2016, the Hollywood Presbyterian Medical Center in Los Angeles experienced a ransomware attack that cost it approximately US$3.6 million. This does not include costs incurred by the hospital from having to divert patients elsewhere, since it didn’t have access to any data. In this instance, perhaps the most noticeable fault of the hospital was outdated software.
— Netswitch Technology (@netswitchinc) February 29, 2016
Ensure adequate employee training. You will also need to establish a policy that requires employees to pay more attention to messages they receive, assessing elements such as the sender’s email address. Any material that appears suspect should be referred to the IT department for further analysis.
Using software solutions that sharpen your entire security infrastructure and proactively eradicate the possibility of sophisticated ransomware attacks can also be a solution.
Make regular backups. The last, but certainly not least, thing you can do is make regular backups of data on an external medium. In any worst-case scenario, you can simply restore from a backup after your data is encrypted by ransomware. The only downside is that you may have also backed up latent malware possibly lurking in your system.
Breach detection usually involves chasing hackers “after the fact”. This method – which has been used ubiquitously for more than a decade – has led to inevitable losses in both capital and credibility. Repairing damage after an attack does very little to preserve a company’s integrity.
Strong policies coupled with a solid security infrastructure can create a virtually impenetrable wall, which can make attacking an organization frustrating and potentially expensive.
Rather than paying a heavy ransom to get data back in your control, preventing such attacks in the first place gives you better peace of mind.