One of the most serious threats that organizations face is ransomware. A report from CNN revealed that small businesses lose more than $100,000 per ransomware incident due to downtime. What’s more, these attacks cause 25 hours or more of downtime for one in six organizations.
Something as simple as a mouse click from an unwitting office worker can take down an entire system and hold important files hostage. Cybercriminals use sophisticated social engineering techniques to trick people. Once they’ve gained network access, they infect computers and compromise data with ransomware.
As a business owner, you need to take precautions to avoid ransomware.
Here are tips to protect your IT infrastructure from this costly and crippling cyber threat:
- Go Beyond Backing up Your Data
A common tip to protecting your files against destructive ransomware is to back up all critical data regularly. Your business, for instance, could keep data backups offline to avoid the threat. This, however, isn’t enough.
You’ll want to invest in an enterprise-class file sync and share platform that copies data that existed during a particular period, including content that was changed, recreated or deleted. Having this unique feature enables your business to restore affected content. This also allows your clients to get back to work quickly, with minimal to zero downtime.
- Prevent Ransomware from Crossing Your Network Perimeter
A common delivery method that cybercriminals use is drive-by downloads via your browser. These downloads can exploit unpatched and vulnerable browser plugins to install ransomware without your consent. What’s more, vulnerabilities in cross-site scripting in some websites can force your browser to load a malicious site without you knowing it or doing anything.
So, make sure you secure your organization’s network perimeter to block an oncoming assault that can inflict system damage. You can install cybersecurity solutions, such as network-based anti-virus, can identify and stop destructive payloads from messing with your files.
- Think Twice Before Clicking
From time to time, you may receive harmful hyperlinks via instant messengers or social networks. The sender of the dangerous hyperlinks could be from a person you trust, such as a family member, friend or colleague. Also, the hyperlink may come with a message encouraging you to click a link. The sender, for instance, may ask you to check out the longest YouTube video in the world. Then, they include a weird-looking hyperlink next to the message.
When you receive a suspicious link, don’t click it right away. Check with the sender to find out what the link is and if they sent it intentionally.
- Enable the “Show File Extensions” Functionality
The Show File Extensions feature enables you to check the extensions of the files on your computer. By default, your operating system may hide file extensions to keep things simple for users.
If this functionality is currently disabled, turn them on. Doing so allows you to review file types and keep an eye on suspicious extensions. Fraudsters sometimes use confusing techniques wherein a single file appears to have more than one extension. A couple of examples include “table.docx.scr” and “cute-cat-video.mp4.exe.” Don’t open files like these because they could contain harmful ransomware that wreak havoc on your PC.
- Disable Windows PowerShell and Script Host
PowerShell is a task automation framework that consists of a scripting language and a command-line shell. Cybercriminals use this tool to execute ransomware and viruses from memory, allowing them to avoid detection by conventional anti-virus programs. If you and your employees are not planning on using PowerShell for work-related purposes, consider disabling this framework.
Apart from PowerShell, you should disable Script Host if you have no real use for this tool. Some nefarious individuals use .vbs files to run ransomware on a computer. Disabling Script Host prevents viruses from using this file type.
- Use Strong Passwords
If you’re still using weak passwords like “password” and “kitty123,” update your login credentials. Cybercriminals could brute force their way into your company’s account or system. Weak passwords are easy to crack. Once these criminals gain access to your IT infrastructure, they can execute secondary attacks or deploy ransomware to all your networks.
Use unique and strong passwords for all of your accounts. Also, change your passwords regularly and avoid reusing the same passphrases.
- Keep up with Software Updates
When your operating system prompts you to install an update, don’t hit the snooze or install later button. These updates patch security holes and introduce new features to keep your computers safe from hackers and other cybercriminals. So remember to upgrade your programs to the latest version.
Take note of these security measures to protect your business from ransomware. Applying these suggestions will help keep your valuable data safe and prevent you from paying thousands of dollars in ransom.