In 2017, global ransomware attacks like WannaCry and NotPetya rocked the world, devastating both businesses and government organizations. Troublesome though they were, they were only the beginning. Ransomware is on the rise, and it’s only going to get worse from here.
Criminals have realized that ransomware can act as both a data exfiltration method and as a distraction for a larger attack. They’ve realized that holding information for ransom can be just as lucrative as stealing and selling it. And they’ve realized that in all cases, ransomware requires almost no effort on their end.
In short, you need to do everything in your power to protect yourself – here’s where you can start.
Back Everything Up
The best defense against a ransomware attack is and always will be an air-gapped backup. By maintaining several copies of your data and images of your system both in an online repository and in an isolated, on-site backup server, you can ensure that any systems compromised by ransomware can simply be deleted. At that point, it’s just a matter of restoring your systems to working order.
Now, there’s a reason I recommend multiple backups – and that you keep multiple copies. Truth is, ransomware developers know that backup data is their main weakness. As such, they’ve started to target backups.
Educate Your Employees
Believe it or not, your employees are actually a bigger threat to your data than any external bad actors. Phishing scams, for example, are one of the chief delivery vessels for malware and ransomware. What that means is that if you don’t train your employees to recognize scams and socially-engineered attacks, there’s a good chance you’ll be dealing with ransomware sooner rather than later.
Host regular training sessions and establish a knowledge base your staff can draw on to help them stay secure.
Ransom-Proof Your Systems
The most troubling fact about WannaCry is the fact that it exploited a vulnerability that was several years old. Many of the victims that were targeted by the ransomware could have prevented infection if they’d simply kept their systems up to date. To that end, you need to apply security patches and updates the moment they become available – and wherever possible, avoid using outdated operating systems.
Additionally, it’s important that you ensure all systems on your network can be air-gapped on demand. That way, if ransomware does hit your network, you can isolate it before it causes widespread damage.
Don’t Let Hackers Hold You For Ransom
Ransomware isn’t going to stop being a problem. If anything, it’s only going to get worse – more advanced and sophisticated, and available as an attack method for more hackers than ever before. Defend yourself now, instead of wishing you did something later.