It’s already been a year of high profile ransomware attacks with WannaCry and Petya still fresh in our memories. These attacks are designed to target businesses and this epidemic could be worse than you think. Three out of four companies reported falling victim to phishing last year, and according to Symantec, over the course of Q2 2017 phishing rates have increased across most industries and organisation sizes.
So with that in mind, we look at the dos and don’ts of ransomware for your organisation.
1) Every attachment could be ransomware
Malicious attachments are everywhere these days, they come in several guises. In fact, the only file type they won’t hide in are .txt files. Most ransomware attacks are sent by hackers in the form of a phishing email. These tend to contain ransomware that will take over your computer, or infect your whole system, the ransomware will then demand money to unlock your system, or even worse, it could threaten to delete or steal the valuable data from your business. This all starts with the simple click of a link on a phishing email, so be cautious with any email you receive, no matter how legitimate it might look.
2) Keep your software up to date
Hackers that deploy ransomware via a phishing email are all too aware that there are weaknesses to exploit on your company PCs. They are able to action ransomware through vulnerable PCs. By keeping your software up to date you ensure that the latest patch removes this vulnerability and moves some way towards protecting you from a potential ransomware attack. So, if you ever see that little notification asking you to update your software, do it there and then otherwise you’re just leaving yourself open to a phishing email that could wreak havoc to your entire network.
3) Get your back up
Only the most security conscious of us are on alert all the time. That’s the nature of the business. But those not in the cyber security industry anything bad will happen to their company, through ransomware, a phishing email or other computer based attack. So, it’s always a good idea to have a copy of your files backed up somewhere safe, and to back these files up regularly.
4) Educate to reduce ransomware risk
Whether you’re a small startup business with a handful of employees or a multinational corporation with thousands of staff – they need to be educated on the dangers of ransomware. A phishing email can come from any source, an unsolicited email, made to look as if it came from a colleague, or even from a reputable business they may have dealt with in the past. This is why educating your user base is critical for your business. They are the first line of defence for your business. It only takes one employee to click a phishing email that could unleash ransomware onto your entire network.
Interested in further information on how to protect your company from ransomware attacks and how to educate your staff on what to do when they receive a phishing email? Contact our friendly staff to discuss how MetaCompliance can raise your employees cyber security awareness and reduce the risks posed by ransomware attacks.