Article by StorageCraft APAC sales head Marina Brook
In May 2017, the WannaCry attack jolted the public into awareness of ransomware’s destructive capabilities.
WannaCry infected over 300,000 Windows computers by encrypting data on the machines and then demanding Bitcoin to unlock the data.
Ransomware is a lucrative endeavour.
There is a good chance that an organisation will have to deal with ransomware at some point if they have not done so already.
Here are best practices for preventing ransomware attacks, plus a few suggestions on how to respond to an attack.
Several factors have led to the rise in ransomware attacks:
Ransomware has moved beyond amateurs to professionals, who are more likely to be aware of security holes that make attacks more successful. The anonymous nature of Bitcoin has driven investment in the cryptocurrency while making it ideal for making demands on attack victims. Computers are providing value for longer than ever, but many now lack the latest security updates to operating system updates that can repel attacks.
IT professionals are often reluctant to patch older computers because OS updates usually slow down old systems. Most ransomware attacks arrive through email, and many employees have not been properly trained to recognise a malicious email attachment.
The most effective step for an organisation to take to combat ransomware is to perform a regular backup of its most important files.
The most sophisticated attacks encrypt both data files and Windows restore points.
Backing up critical data and ensuring it is easy to recover is the best defence against ransomware attacks.
In addition to performing regular backups, consider the following:
An organisation suspecting that someone on the network has been a victim of a ransomware attack should perform the following steps:
Ransomware attacks are a perfect crime because the cybercriminals ‘win’ even if only one out of a thousand companies decides to pay the ransom.
The anonymity makes it nearly impossible for authorities to track down the perpetrators, so they move on in search of more potential victims.
One thing we know for certain is that attacks will continue and will evolve as companies learn to combat them.
Defending data is critically important when fighting back from a ransomware attack.