July 20

Ransomware Prevention Best Practices To Help Protect Your Data

Ransomware is the grossest of all the flavors of malware trying to sneak into your life. That’s because it’s deployed by morally objectionable people who’d prefer to extort money, data, or fear rather than get a proper job. It’s become a profitable industry, with dumb brand names like WannaCry and Bad Rabbit. Even Ransomware-as-a-Service (RaaS) is a real thing now. 

Here’s an idea—let’s look at some ransomware prevention best practices that’ll help you protect your business.

First, What’s Ransomware?

Ransomware is a type of malware (malicious software) designed to lock your data, systems, or network until you give the bad people something they value, e.g., proper money or bitcoin, which can’t be traced. Essentially, it hijacks the stuff you need to get on with your life or business until you pay up. Sometimes it demands administrative privileges or prefers blackmail to hijacking—for instance, by threatening to publish your data. Nice, huh?

There are different kinds of ransomware that vary in sophistication, toxicity, and how they’re deployed. The two main types are:

  • Locker ransomware: this blocks access to your entire system or network. You’ll see a mean little pop-up on your screen telling you lies, e.g., your computer has been checking out naughty sites, and demanding money to grant you access to your system again.
  • Crypto ransomware: this uses encryption to lock you out of your files, and demands something in exchange for an encryption key. No key, no access back into your files.

How Does Ransomware Get In?

Ransomware is sneaky. It uses various ‘attack vectors’—paths to get unauthorized access in order to launch a cyber attack—that rely on technical and/or human vulnerability, including:

  • Social engineering: tricking a person into performing an action, for instance:
    • Opening an email attachment
    • Clicking a pop-up
    • Responding to a message on social media. Facebook Messenger is a common attack vector
  • Drive-by downloading: when you unknowingly visit an infected website, ransomware follows you and installs itself on your own device.
  • Malicious web ads on genuine websites.
  • Exploiting system vulnerabilities, such as outdated or unpatched operating systems.

Sometimes ransomware, such as Jigsaw, preys upon a sense of urgency and panic by deleting files every hour until you pay the ransom. 

Five Ransomware Prevention Best Practices

The good news about ransomware is that you’re not helpless—you can do a lot to protect yourself and your business from it. Many of these preventative measures aren’t spectacular, just the regular ol’ data security measures we should all be practicing anyway. 

Here are some easy ones to get you started:

1. Update Your Software

Outdated software is a ransomware attack waiting to happen. Those operating software and security updates you keep putting off are chock full of juicy bug fixes and security patches that protect you from the bad guys and gals. Make sure to update your software regularly.

Many victims of the great CryptoWall ransomware attack of 2014—which netted more than $1.1m in ransom payments—could have completely avoided the problem by updating their software.

If you’re lucky enough to be at the helm of a fleet of devices, your mobile device management (MDM) platform will help you enforce security updates. Your people won’t be able to use their devices for work unless they update their software. In effect, you’re holding them to ransom, but in a good way. Don’t have MDM? Give us a call.

2. Update Your Hardware

We’re all up for green tech and reusing devices rather than replacing them with new ones, but if your devices have had a whole load of birthdays, they may no longer support the operating systems keeping them alive. This means exploitable security gaps a canyon wide, ripe, and ready for your friendly neighborhood ransomware specialist. It’s time to buy some shiny new devices. 

3. Install and Update Antivirus Software

Antivirus software blocks all kinds of malware, including ransomware, from infecting your devices, and can alert your people if and when they visit risky sites. This type of cybersecurity doesn’t cost a kidney, shields vulnerable programs from threats, and blocks ransomware from holding data and files hostage. Why not do it?

4. Use DNS Filtering

Domain Name System (DNS) filtering does a lot of cool stuff, and one of these is foiling ransomware attacks. It works by categorizing each domain your people try to access into a type of content (e.g., news, social media, illegal or malicious content) and then blocking access to sites in the categories you don’t allow. It can block sites based on what you tell it (i.e., no Wordle for you, Sales Team!), but it is also clever enough to work out the ransomware-y sites all by itself. Because DNS filtering blocks access to the evil ransomware server, your computer can’t download that evil encryption key. Sorted!
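To make the mechanism concrete, here is an added example (not code from the original post or from any DNS-filtering product) of the policy logic a filtering resolver applies: normalize the queried name, look it up in a category feed by longest matching suffix, apply a per-group block policy, and hand back a sinkhole address instead of the real answer when the lookup is blocked. The category feed, the policy, the hostnames (all under the reserved `.example` TLD) and the `looks_generated` entropy heuristic are constructed assumptions; real products use large vendor-maintained feeds and far richer reputation scoring.

```python
"""Toy DNS-filtering policy engine (constructed example).

Categorize a queried domain, apply a per-group policy, and return either
the real answer or a sinkhole address. Everything here is invented for
illustration: feed, policy, hostnames and heuristic threshold.
"""
import math
from collections import Counter
from dataclasses import dataclass

# Constructed category feed keyed by registrable domain. A real filter uses
# a large, continuously refreshed vendor feed instead of a dict.
CATEGORY_FEED = {
    "news.example": "news",
    "social.example": "social-media",
    "wordle.example": "games",
    "payload-host.example": "malware",
}

# Per-group block policy: the "no Wordle for the Sales Team" rule.
POLICY = {
    "default": {"malware"},
    "sales": {"malware", "games"},
}

SINKHOLE_IP = "0.0.0.0"  # blocked queries resolve here instead of the real host


@dataclass
class Decision:
    domain: str
    category: str
    allowed: bool
    answer: str   # IP address handed back to the client
    reason: str


def normalize(name: str) -> str:
    """Lower-case and strip the trailing dot that a fully qualified name carries."""
    return name.strip().rstrip(".").lower()


def categorize(domain: str) -> str:
    """Match the longest suffix present in the feed: a.b.c tries a.b.c, then b.c, then c."""
    labels = domain.split(".")
    for i in range(len(labels)):
        category = CATEGORY_FEED.get(".".join(labels[i:]))
        if category:
            return category
    return "uncategorized"


def looks_generated(domain: str, threshold: float = 3.5) -> bool:
    """Hypothetical stand-in for a filter's own reputation scoring.

    Flags a leftmost label whose Shannon entropy is high, as algorithmically
    generated command-and-control names often are. Short labels are skipped
    to keep false positives down; the threshold is an assumption.
    """
    label = domain.split(".")[0]
    if len(label) < 10:
        return False
    counts = Counter(label)
    entropy = -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())
    return entropy >= threshold


def decide(name: str, group: str = "default", real_answer: str = "203.0.113.10") -> Decision:
    """Policy order: explicit category block first, then the heuristic, else allow."""
    domain = normalize(name)
    category = categorize(domain)
    blocked = POLICY.get(group, POLICY["default"])
    if category in blocked:
        return Decision(domain, category, False, SINKHOLE_IP,
                        f"category '{category}' blocked for group '{group}'")
    if category == "uncategorized" and looks_generated(domain):
        return Decision(domain, "suspected-malware", False, SINKHOLE_IP, "high-entropy label")
    return Decision(domain, category, True, real_answer, "allowed")


def audit_line(d: Decision) -> str:
    """One log line per query; the BLOCK lines are what a SOC wants to see."""
    verdict = "ALLOW" if d.allowed else "BLOCK"
    return f"{verdict} {d.domain} category={d.category} answer={d.answer} ({d.reason})"


if __name__ == "__main__":
    # Constructed sample queries: (name as received, requesting group).
    samples = [
        ("www.news.example.", "sales"),
        ("wordle.example", "sales"),
        ("wordle.example", "default"),
        ("cdn.payload-host.example", "default"),
        ("x7k2q9zv4mpl8wd.example", "default"),
    ]
    for name, group in samples:
        print(audit_line(decide(name, group)))
```

The sinkhole answer is the important design choice: the client still gets a well-formed DNS reply, so applications fail fast instead of retrying, and the resolver’s log of BLOCK lines doubles as a detection feed for which machines tried to reach a malicious host.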

5. Train Your People

Ransomware is living its best life when people click before they think. Because the criminals rely on human error, fear, or failings to get their job done, it’s a good idea to get your people wised up to what’s out there waiting for them.

Ransomware’s favorite attack vectors are phishing in all its forms—standard boring old phishing, spear phishing, fin-tickling (we made this one up), or whaling—so phishing awareness and training should be top of your To-Do Right Now list. Use a “belt, pants, and locking nut” approach by:

  • Training your people how to identify and report the dodgy stuff. Show them how to identify malspam, malvertizing, fraudulent requests, suspicious websites, and social engineering tricks.
  • Creating a clear reporting procedure that makes it easy for them to report issues.
  • Creating a no-blame culture. No-one is immune to sophisticated ransomware attacks. If you make it a name, blame, and shame thing, don’t expect anyone to own up to clicking something bad. Your company is all in this together. Also, if superiors are in the habit of expecting their underlings to jump whenever he/she barks, they’re creating the kind of pressured culture in which ransomware thrives. This puts their business at risk. If you’re brave or drunk enough, why not let them know?
  • Investing in phishing simulation training. This gives your people real-life practice, without the consequences, in dealing with ransomware attacks. Phishing simulation isn’t a one-off activity: it’s a process by which your team is faced with realistic phishing scenarios at random points throughout a year or so. You’ll see how each employee deals with the dodgy emails and can home in on repeat victims for further training.

Avoiding Ransomware Attacks: There’s More To Do

These are just a few of the many ransomware prevention best practices that will enhance your ability to thrive at a time when the world seems full of baddies waiting to steal your data or money. We don’t believe in fear-mongering, but we do believe in helping our clients put in place simple and effective protective measures that keep their business safe and their blood pressure low. 

Want to put these ransomware prevention best practices into actual practice? If you think you’d like a bit more peace of mind, give us a call. We’re here to help.