Ransomware is a particularly nasty kind of malware virus that encrypts your files and holds them hostage for money. It’s something that our IT helpdesk geeks can advise businesses on.
Schools, hospitals, and businesses have all been the victims of ransomware attacks, but your business doesn’t have to be next. Read our practical tips for protecting your data from hackers.
The most commonly reported type of ransomware is Cryptolocker. A 2014 survey conducted by The University of Kent revealed that 1 in 30 systems have been infected by CryptoLocker, with 40% of people paying the ransom to restore their files.
The overall figure for ransomware was much higher with 1 in 10 systems having been infected at some point.
Intel Security reported a 24% increase in ransomware in just the first quarter of 2016, and at Dial a Geek we are helping an increasing number of businesses who have suffered security breaches.
We’ve noticed a snowball effect; when one business has been hacked we usually receive calls from two or three others soon after.
To help avoid any further cases, we encourage you to follow the ten steps below to protect your business.
10 tips to protect your business from ransomware
1. Do not open links in emails you do not recognise.
Cryptolocker and other ransomware are often downloaded when employees think they are opening a link to an invoice, a C.V. or another seemingly credible document. However, these documents would usually be sent as an attachment so warning bells should be ringing if you are asked to follow a link.
2. Be wary of emails that appear to be from known sources but seem unusual or contain unexpected downloads.
If the email address of a supplier you usually receive documents from is different, or if the format of the email has changed, it is safer to email the supplier on the usual address to confirm they sent the documents.
3 • Educate employees in good computing practices, staying secure online and spotting threats.
A good start would be sharing this blog post with your team. The next step is to write an IT policy for your freelancers which sets out their responsibilities for staying safe online, keeping their software up-to-date, and installing anti-virus on their computers.
4. Invest in anti-virus software.
We recommend ESET. You may want to consider specialist Cryptolocker prevention tools, but we’ve found that being alert to risks and following best practices for staying secure online can significantly reduce your chances of being hit by a ransomware attack.
5. Don’t forget about devices that are out of the office.
Make it clear that employees using work computers at home should take care not to let family members who are not versed in online security use the device. You should also create an IT Policy for freelancers using their own computers in your office. Read more about that here.
6. Keep your operating system and security software regularly updated.
Does your antivirus update automatically? Find out. Similarly, are you running the most recent version of your operating system? Older systems are more susceptible to attacks.
7. Be careful of which websites you access from work computers.
Websites that allow you to avoid paying for content by downloading files or streaming videos are often a source of viruses and malware. Make it clear that employees should not use these websites on work computers.
8. Backup your data (in more than once place).
Regularly backup your data and store it on external hard drives in more than one location, disconnected from your computer. If you do get hit by a ransomware virus you will be glad you took the time to create a backup system, as you will avoid having to pay the hackers for your data.
9. Store important data on the cloud.
Google and Dropbox both offer secure data storage options that will keep your data safe even if your hard drive is infected.
10. Know what to do if you If your office falls victim to Cryptolocker.
Step One: Disconnect the infected computer from the network immediately and turn it off.
Step Two: Run an antivirus scan on the other devices in the office to confirm they are not infected.
Step Three: Contact your I.T team so they can assess the damage and advise you on the best course of action.