Ransomware – a major threat to your business and how you can prevent an attack

There’s been a significant increase in Ransomware attacks since the Covid-19 pandemic took over. Businesses are now viewed as easy targets amidst all the challenges they face, including having remote workers.

Recently, we’ve seen the Colonial Pipeline attacked as well as the Health Service Executive (HSE). Sadly, Ransomware is not going away anytime soon and must be prevented at all costs. Each individual business/ company needs to look at themselves as a potential target, and there’s no point in assuming; “they’d never target us” or “who would want our data?”. Cyber criminals don’t care what size the company is, it’s the data they want as this is the most valuable asset.

What is Ransomware and what does it do? 
Ransomware is a form of malware that encrypts files and data. The most common way it makes its way into a network is via email attachments or links/URLs. It can also take the form of a fake application or malicious advertisement. If an unsuspecting end user clicks on one of these links or opens an attachment, the malware installs and takes control, encrypting files. Ransomware can also lie dormant for some time before it gets to work. The infection can spread across a network at an alarming rate, crippling your company within hours.

What typically comes next is a request for a ransom to be paid, and a deadline to pay it. If the company doesn’t meet this demand, they may find their data will be locked down permanently, deleted, or published in the public domain. Sadly, we’ve seen this recently with the HSE cyber-attack.

How can we prevent a Ransomware attack? 
There are several simple ways to prevent attacks or minimize the impact of such attacks, including:

1. Enable Multifactor Authentication – the traditional username and password authentication method is not fit for purpose anymore, and MFA should be a minimum in the current climate.
2. Education – There’s plenty of threat awareness training freely available and companies should spend time and resources providing this to employees, so that they can recognise potential threats, and know what to do or who to contact for support.
3. Data Backups –This goes without saying; data is king and if you have it sufficiently backed up (including an off-site copy), you take a lot of the power away from the cyber criminals.
4. System Updates – There should be a policy in place to ensure all systems and software are up to date and patched against all known vulnerabilities. Older systems are very high risk, and you may be leaving yourself exposed by continuing to use them.
5. Email Filtering – Analyse incoming emails for spam or phishing content.
6. Disaster Recovery Plan – designing and implementing a disaster recovery plan is a great way to get your business back up and running sooner rather than later.
7. Use Citrix products such as ADC and ADM in combination to provide secure access to your applications and websites, and monitor for anomalies and potential threats.

So, in conclusion:
Of course, Ransomware is now a big business so cyber criminals are always at work enhancing their code and staying on top of security trends. However, they are opportunist criminals and depend heavily on social engineering methods and weak security. So, taking some of the simple steps outlined above will give you and your company a fighting chance in preventing a disaster.

Article supplied by Derek Cooke of Enterprise Solutions

If you’d like some assistance in implementing measures to prevent cyber-attacks, get in touch with us at info@enterprise-solutions.ie