Ransomware how to prevent your business being the next victim

Do you back up your data?  

Do you back up your data off-site?

Do you check your backups regularly?

In light of the recent, highly publicised malware attacks, these are 3 questions that every business owner should be asking themselves. Data is one of the most important aspects of any business and, if it is lost, it is very unlikely it can be recovered, no matter what type of insurance policy you have in place.

The most recent and probably the most publicised malware attack to date is the WannaCry (or WannaCrypt) ransomware virus. The WannaCry virus wreaked havoc in over 100 countries and many businesses were caught unaware as they thought “it could never happen to us” or “why would anyone want to attack my business?”  The truth is – most malware viruses are not targeted attacks, they are simply designed to infect as many vulnerable systems as they can in the quickest timeframe possible.

What exactly is Ransomware?

Ransomware is by far the most dangerous type of Malware.  It will covertly work its way through your network and encrypt all of your files to an unusable state.  If you have any backup devices directly connected to your network, these will also be encrypted.

How does Ransomeware work? Does it really encrypt my files?

Technically no, it creates encrypted copies of your files and deletes the original files.  The outcome is still the same: that you cannot access your files without the decryption key.

How do I get my files back?

The whole purpose is Ransomware is that the hackers promise to decrypt your files if you pay a ransom fee, normally around £300. Often the currency is in a digital currency such as Bitcoin to make tracing the hackers more difficult.  General advice is not to pay the ransom as even this does not guarantee that you will retrieve your files, even with the decryption key. Paying the ransom fee will only encourage more Ransomware in the future. Whilst there has been the occasional documented case of hackers taking pity on their victims, these are unfortunately few and far between.

What should I do?

Once you have been infected there is nothing really you can do at this point to get your files back, so revert back to the 3 questions asked at the start of this article.  You must back up your data on a daily basis to an off-site location, ideally a cloud based solution.  You should also have 2 concurrent backups running, perhaps a daily backup and a weekly backup.  Most importantly you must check on a regular basis that your backups are working and that you can retrieve your data should the unthinkable happen.

Is there anything else I should do?

Yes, there are ways to minimise your risk of attack. Start by educating your workforce not to click on email or web links that they are unsure of.  They should also not open attachment files that they do not recognize – these generally come in the form of a .exe or a .scr file.  Ensure all your PCs are running on Windows 7 or Windows 10 and that automatic updates are switched on. This will ensure your PCs are protected with the latest patches released by Microsoft.  You can also invest in a quality antivirus program although this won’t guarantee protection against all malware or ransomware.

Finally, ensure you have a update management plan to ensure your server is receives the latest software updates.

And the future?

WannaCry may not have made its makers millionaires, with experts believing only £40,000 in Bitcoin was paid but the expectation is that Ransomware will continue to be a major issue for businesses. There were a reported 638 million ransomware attacks in 2016 – a massive increase on the 3.8million reported in 2015.  It’s imperative companies stay alert to the dangers of ransomware and take every precaution possible to avoid becoming the next victim.