Whether you are a small-medium business or a large enterprise you are equally as vulnerable to a ransomware attack. You can’t just brush your protection under the carpet and think that it’ll never happen to you or your business, you need to be protected to preserve the safety of your clients and the reputation of your business.
Ransomware is growing. In 2016 ransomware infections tripled compared to 2015, and with the NHS, one of the biggest organisations in the UK, being a victim to a cyber-attack recently, it has raised the profile even further: it is now more than ever that you need to consider how you are protecting your business from all aspects of cyber danger.
What is ransomware?
Ransomware is the kidnapping of data, an encryption of the victim’s data and a demand of payment to receive the decryption. There are two types of ransomware, one being an encryption of files on a computer or network, and the other locking a user from using their computer. Both types of ransomware will demand a payment, which is often asked to be paid in a cryptocurrency such as Bitcoin, which is a digital currency.
Don’t be fooled into paying the ransom just because it is a small payment. Most ransomware attacks only request a small payment, this is to increase the likelihood of paying the ransom because it is the quickest and cheapest way to return to normal. It doesn’t matter what the amount of ransom payment they are requesting, you must not pay it. If you do, it just makes you an easier target for it to happen again.
Here are our 4 top tips on how to prevent a ransomware attack:
- Think again before clicking
If a URL link looks suspicious don’t click on it. Employees receive many emails every day and some of those emails may contain links that don’t direct you to the page you thought they would. The best way to check is by hovering over the link, it will tell you where this link will direct you to, or by typing the organisation into a search engine and finding the website organically. However, if you don’t recognise the link at all, or if it looks suspicious we recommend you don’t click on it.
- Back up your data
It is essential you back up your most important files. If you lost all your data through a ransomware attack, would this massively impact your business? Backing up your files needs to be done on a regular basis, we suggest one copy going to the cloud and the other going to an external server.
- Limit access to data
Access control should be carried out throughout your organisation, only the people who need access to particular data should have the ability to do so. On a regular basis, evaluate permissions on shared network drives, to prevent the spreading of ransomware to other drives.
- Regular training for employees
It’s very important to reiterate the importance of ransomware prevention. It is crucial that members of staff can identify phishing emails and suspicious links to inhibit being lead into a cyber trap. Training your staff quarterly will keep ransomware prevention at the forefront of their mind, and will allow them to think again before clicking on an unknown link.
If you would like any more information on the prevention of a ransomware attack or you would like to discuss how the Trust Insurance Group can supply you with insurance against your evolving risks, please contact us on 01476 434050 or email firstname.lastname@example.org.