In 2017, you probably noticed that week after week there were reports of many different sizes of businesses, plus individuals and government departments, hit by ransomware attacks. The issue was global and affected organizations in all industries, too.
This particular type of cybercriminal activity is said to have increased almost 10-fold in 2017, and unfortunately is still something entrepreneurs need to be worried about. Read on for the lowdown on ransomware and how you can help to protect your venture from it today.
How ransomware works
Ransomware is a particular type of malicious computer malware that gets onto a victim’s tech tool without their knowledge (usually by way of clicking on a link, opening an email or because hackers have found a way into systems). Once there, ransomware takes over the computer and locks owners out of their own data.
Hackers hold the information ransom, hence the name, and won’t give people access to their systems again until they have paid a digital ransom that gets deposited into a hacker’s account.
Different cybercriminals work in different ways. Typically, they lock down a system, so users can’t get into it until they’ve received a password to unlock it by way of paying a ransom, or they encrypt files and delete the original versions, not decrypting the information until they receive payment. Sometimes, hackers will steal sensitive information and tell the owners that unless a ransom is paid, the data will be published publicly for everyone to see.
As you can see, it’s incredibly important to protect data. Here’s what you can do to stay safer:
Use firewalls and security software
For starters, always protect all company computers with firewalls and security software. Firewalls are handy as they act as a strong line of defense against hackers, particularly when they’re trying to get access to data via an internet connection.
Security software is also vital. Purchase maximum security products that will cover you against a variety of threats, including ransomware, and pick up on intrusions in real time. The software should protect browsers’ privacy when online, plug any vulnerabilities that appear in the network, block dangerous websites, attachments and emails and identify data-stealing apps.
Put proper passwords in place
Next, don’t be lax when it comes to passwords. Ask all company employees to use hard-to-guess passwords that don’t relate to any information hackers could find online, about either themselves or the business. For example, avoid using things like birthdates, addresses, children’s names, pet names, lucky numbers, brand names and the like.
Staff should be instructed to make passwords at least eight characters long and to ensure they contain a mixture of characters, such as symbols, letters (upper- and lower-case) and numbers. Different codes should be used across different devices and accounts, plus passwords should be changed at least a few times per year as well.
Update software regularly
Another important step is to get everyone within the organization to update the software they use. Hackers are known to take advantage of gaps in security and other vulnerabilities that arise in software over time.
As such, updates should be run whenever new versions are available. This refers to all sorts of software, including operating systems, browsers, plugins, apps, games, firewalls and security software. The best way to stay safe is to set automatic updates. This way, no one has to remember to search for or install new versions manually.
Back up data daily
Lastly, you can never guarantee you won’t get stung by a ransomware attack, so you must be proactive to protect your firm’s information. To ensure you never have to pay a hacker’s ransom demands, back up all company data daily.
This way, if you ever do get hacked, you won’t lose so much time or money. You’ll still have to find out how hackers got into systems and take steps to address this security gap, but at least you will be able to continue to access to your data as normal.
It is wise to back up information to the cloud and/or to a hard drive storage system that never stays connected to your systems or to the internet (since hackers can potentially attack local storage drives too).