How did the cybercriminal escape the police?
Ransomware is a type of malware that gets onto your computer and scrambles up all of your data and information. This is then encrypted so that you cannot access it.
Many types of ransomware have been built by cybercriminals to spread like a disease between computers, meaning that if one computer within your business gets it, then it is very likely that other devices within your business will too. This leaves your entire network in the hands of cybercriminals.
So, how do you get your data back?
As the name states, cybercriminals will try to hold your data for ransom. This ransom could be ridiculously expensive; you have no influence on the price. You also cannot guarantee that you will actually get it back!
What you and your business needs is an action plan for your business so that you can wrestle back control from cyber criminals.
This is why we implement a 4-part action plan for your customers so your business can have a robust cyber security defence against ransomware.
What is different about our plan is that it is actually in reverse order than what most companies offer.
The first part of our action plan is always planning for the attack. You don’t want to be an ostrich when it comes to cyber security! The best time to prepare for an attack is way before one actually happens1
So, to start with, ask yourself a few questions. What would you do if you came along into your office tomorrow and your entire computer system was down due to ransomware/
Your plan must include a communication strategy; you must be able to communicate with the team, customers and partners to keep them up to date with what is happening. In addition, you might have some legal requirements and need to tell some regulators that you have been hacked. Finally, you also need a technical plan; you must have documentation of how your business’s IT will get back up and running ASAP.
You need to make sure that your backups are absolutely bulletproof! But what do backups have to do with anything?
Once again, it is all about preparation. The best way that you can recover from a ransomware attack is to restore all of your data from your backups! This saves you from dealing with these pesky cyber criminals.
Now, all of your usual backup tips apply. Make sure that your backups are stored in multiple locations and that you back up DAILY. They also should be encrypted and protected with Multi-Factor authentication.
You also need to back up everything, not just your servers and data but also things like Microsoft 365. We’ve heard some horror stories where cybercriminals got on a network and tampered with the backups before they put ransomware on the network. Unfortunately, this meant that they weren’t there when the customer wanted the backups.
Don’t put your businesses in that position; ensure your backups are bulletproof.
So far, you’ve got a plan; you know what to do if you get ransomware. As well as having good backups in place, the next step is to try and implement IT security so that ransomware doesn’t get in.
There are so many cyber security strategies that you can implement in your fight against ransomware. However, remember that Cyber Security is like an onion; you need many layers of security and strategy to build up your defenses. There is no singular thing that will help to protect you against ransomware.
Here are a couple of tips to get you going:
- Ensure you have good email security; lots of ransomware originate from Email.
- Ensure that you always keep your devices up to date with the latest security updates.
- Make sure that you know precisely what is plugged into your network.
- Make sure that nobody has local admin permissions over their devices. If they do and get hacked, the cyber criminals will also have local admin access.
- Make sure that you have good web filtering in place. This will stop people from browsing dodgy websites, regardless of whether they know it.
- Make sure that you always train your team with cyber awareness training.
All of these tips are simply Implementing good cyber hygiene. However, every business should be doing these.
Stop The Spread
This step is all about stopping the ransomware from running a device on your network.
Once you have a strong plan in place, you might think you’re totally safe. But even then, a stray ransomware email might slip through the cracks, and if this lands on a computer that is not secure or the device’s user is not properly cyber aware, this could mean that the device is entirely kaput.
Your entire network of devices should have some strong security software installed on it as well as have all staff appropriately trained on ransomware attacks and cyber security.
There is a company named Sentinel One that offers a Ransomware guarantee. If you’re using their software, they guarantee that ransomware won’t spread and that they will nip it in the bud.
So there you have it! That is the Integral IT 4-part action plan to make sure that your business doesn’t get ransomware.
We mentioned earlier that we do this backwards compared to other companies. We mean that most businesses work through action points 4 and 3, to begin with, and implement lots of fancy technology without forming a plan or worrying about having an updated backup.
We suggest planning first and implementing later.