An email pops up, perhaps convincingly from someone you know, with an attachment entitled “Invoice.xlsx”. Curious as to what this invoice could be, you open it. It seems ordinary and harmless enough. Within seconds, your files change to an odd extension with strange-looking file names. A message pops up stating that all of your files have been encrypted and the only way to get them back to normal is to pay a ransom fee.
Unfortunately, the above scenario has become all too common, with the term “ransomware” now making monthly headlines and on pace to become a $1 billion per year crime. Ransomware is a form of malware that holds files hostage for a “ransom” payment. The most common deployment method is through email attachments disguised as legitimate and normal-looking files, also known as phishing. One person opening a suspicious attachment can affect an entire network, resulting in loss of data, productivity, and reputation.
To avoid your business becoming the next victim of a ransomware attack, here are six steps to take:
- Educate your employees regularly on how to identify potential risks such as phishing emails. The human element is the biggest factor in ransomware’s success.
- Back up frequently to ensure that data can be restored from a pre-attack point if required.
- Update and patch your IT systems frequently. Microsoft regularly releases security patches to help combat known threats.
- Install a layered network security solution that includes spam filtering, firewall protection and virus scanning. Having multiple levels of protection can significantly reduce the chance of your systems becoming infected.
- Limit employees from having administrative account access on their systems. This restricts the damage that a ransomware attack can cause.
- Have a response plan prepared in the event that your organization falls victim to an attack.
If your organization has been affected by ransomware, here are some steps that can be taken:
- Shut down your computer and remove it from the network to prevent the infection from spreading.
- Inform your IT support provider of the suspected attack.
- Contact law enforcement to report the incident.
- Don’t pay the ransom. There are absolutely no guarantees that you will get your data back.
Effective cyber security begins and ends with education. Regardless of the security policies and processes in place, the greatest threat to an organization’s information security lies with its employees. Educating your employees regularly on what to look for and how to respond can make the difference between becoming the next ransomware statistic and business as usual.
This article appeared in the Fall 2017 issue of Capitalize and was written by Terry Rowsell, President of Frontier Solutions Inc.
Terry Rowsell is the President of Frontier Solutions Inc., an outsourced IT management company based in Calgary, AB. With over 25 years of experience in the IT industry, Terry and his team have cemented themselves as the go-to trusted, strategic technology advisors to Calgary’s business sector. www.frontiersolutions.ca