Ransomware continues to be one of the biggest menaces on the internet and a highly profitable business for the bad guys. Security vulnerabilities lay the foundation and pave the way for data breaches as the initial step toward ransomware. Many SMBs fail to adequately protect their critical information & assets and are targets for double-extortion tactics, where attackers vow to leak the stolen data publicly if the ransom goes unpaid. The best way to protect your devices is to keep ransomware from infecting them in the first place!

AlphaONE suggests the following countermeasures to help protect your business from ransomware:

1. Update Systems & Software:  Keep software updated! Bad guys target vulnerable, out-of-date software & hardware. Attackers generally find an entry point into a network by exploiting unpatched vulnerabilities. Fortunately, some developers actively search for new vulnerabilities and patch them. Make sure your team stays aware of the latest updates and patches accordingly. 

2. Endpoint Protection: Make sure you have antivirus software, it is up to date, and scheduled to execute regularly.  This seems obvious but is occasionally neglected by some businesses. We recommend Next-Generation Antivirus (NGAV), it uses a combination of artificial intelligence, behavioral detection, machine learning algorithms, and exploit mitigation, so known and unknown threats can be anticipated and immediately prevented. NGAV is cloud-based, which allows it to be deployed in hours instead of months. The burden of maintaining software, managing infrastructure, and updating signature databases is eliminated.  NGAV companies offer ransomware features or add-ons that try to detect the suspicious behavior that’s common to all ransomware: file encryption. These apps monitor your files, looking for a strange new piece of software trying to encrypt them and aim to prevent it.

3. Offline Backups:  Back up all critical data … this is essential!  Back up your company’s data regularly; locally and offsite.  Use a cloud backup solution and/or storage located somewhere other than your local network.  By protecting your data in the cloud, you can keep it safe from infection routines running on your local network. This won’t protect you from being the target of an attack. But if you’re ever attacked, the fallout won’t be nearly as devastating.

4. User Training: Raising employee awareness about ransomware is a MUST security measure. It could only take one employee lowering their guard for an organization to be compromised and improving employee awareness is imperative. Many ransomware attacks are the by-product of bad employee habits or social engineering. Someone may inadvertantly give out their password or download an unfamiliar file. With better employee training, the chances of this happening are much lower.

5. Cybersecurity Insurance: A general cybersecurity insurance policy (with ransomware coverage) is an important asset in your tool-belt. Insurance coverage can help in both “cyber extortion” threats and during recovery operations providing technical/social expertise as well as financial support. Find an experienced, licensed broker to discuss the different types of cybersecurity policies available to protect your business after an attack.

Companies must remain vigilant in today’s era of data breaches and ransomware attacks.  Learn the proper steps to prevent, detect and recover from ransomware, and you can minimize its impact on your business. Use these tips to keep your organization’s information assets safe and stop a ransomware attack before it starts.  Benjamin Franklin’s cautionary words still ring true, “An ounce of prevention is worth a pound of cure.”

Find out how we can help protect your business from ransomware by calling 833-ALPHA-ONE or 334-245-3125.