Protect Your Company Against Possible Ransomware Attacks
Countless cyberattacks especially ransomware are now being experienced across the globe despite the global pandemic that is haunting every corners of our world. In fact, the gravity of the situation made the US and UK to release joint statements against ransomware.
‘Anytime there’s a global event, hackers like to weaponized it. So whether it’s the Olympics or an election, or a global pandemic, hackers are trying to leverage what the situation is against users’, Bloomberg News Cyber Security Reporter Kartikay Mehrota shared in a published online report.
But don’t get me wrong, this doesn’t mean that other institutions and companies are spared.
But what is even worse here is, most attacks in the recent months were against medical institutions, hospitals, government agencies and medical universities who are at the frontline in the fight against the deadly coronavirus.
Just recently, University of California who is conducting medical researches about the COVID-19, has been extorted with more than a million dollar after their servers were hacked. This is just one among the bigtime ransomware attacks recorded at the height of this pandemic.
But don’t get me wrong, this doesn’t mean that other institutions and companies are spared. Let us not forget that anyone can be a victim by these attacks as I discussed in my previous blog ‘Ransomware is no longer just a threat’.
The question now here is, how can you protect your company against ransomware and other cyber-related attacks?
There’s much to be done to make sure that your data and company are protected. But here are the most significant tips which can be helpful to you:
1. Conduct a risk-assessment in your company – it is important that you know the vulnerability of your company to ransomware attacks. Conduct risk assessments to your entire infrastructure and cloud services. You can use an SaaS online tool like AuditRun to assess your risk and mitigate it.
2. Update all business devices – it is very crucial that all devices operating system in the company are updated especially anti-virus and anti-malware software. It is also recommended to use VPN and multi-factor authentication in your cloud services including email and teleconferences.
3. Educate your employees – implement employee training sessions that will help them identify and prevent ransomware attacks. It is crucial to remind your employees the followings to:
a. Be mindful of links and attachments being sent thru emails as these may consist of the malware or virus that could encrypt some or the entire company data. Employees must also be reminded to be wary about COVID-related emails – they must learn to verify the content of the email and/or the email sender. They must never take the bait.
b. Never provide personal information to txt messages, to callers, and email messages. Fraudsters aim at tricking users to give them key information that will enable them to gain access and control of company systems by using social engineering methods.
4. Implement the use of privilege accounts – one way to limit your network’s exposure to malware is to implement a system that would restrict the installation of software that is not on the approved list of applications that is published by the company’s IT and/or security team.
5. Prepare a data back-up and recovery plan – one way to be prepared for any possible ransomware attacks is to have a data back-up and recovery plan. This has proven to lessen the damage and impact of cyberattacks and ransomware schemes. The goal is to inform bad actors that they can no longer make money easily using ransomware or similar methods.
Today when everyone is hungry for information, and some are living in fear – we are vulnerable and a good malware target. Let’s not allow cybercriminals gain more power and make us victims. In this digital world, it is always important to be one step ahead.
At this rate, we may not be able to completely stop them, but we can solidify our defenses to fight such attacks and manage our risk.