09.10.19

Defending against ransomware — Practical steps to take right now

Imagine being locked out of your home. Now think about someone being inside and telling you that could regain access to it, without any of your belongings being harmed, if you simply paid a fine. It’s not a situation you would ever want to be in, but it’s one that many small and midsize businesses (SMBs) find themselves dealing with as ransomware becomes more popular.

Defending against ransomware

What can you do to fend off the threat of ransomware?

Ransomware has a long history, dating back to the days when software (and malware) was still distributed via floppy disk. In recent years, it has evolved to become more menacing that ever before, thanks to:

  • Strong encryption: Improvements in encryption algorithms over the years have been a double-edged sword. These advancements have improved data security but also made it more difficult to recover assets that are held hostage. Ransomware perpetrators will often encrypt stolen data and only offer the decryption key for a steep premium.
  • Networked propagation: Ransomware can now spread easily across the world. The landmark WannaCry variant from 2017 exploited the widely used Server Message Block protocol to jump between thousand of PCs. It also copied login credentials along the way and included a hardcoded list of usernames and passwords for increased efficiency when attempting to access new systems.
  • Extortion techniques: It’s common for ransomware to include design features that make victims anxious and, in theory, more willing to pay. Perhaps the most notable is the infamous countdown timer pioneered by threats like CryptoLocker, indicating how long someone has to hand over the ransom and safely get back their data.

What can you do to fend off the threat of ransomware? We’ve put together a few tips that can help your business stay safe:

Purchase cyberinsurance

The rising prominence of ransomware has boosted demand for cyberinsurance among SMBs. AIG Europe reported that ransomware accounted for over one-quarter of its cyber-related claims in 2017, more than any other cause. Total economic losses from WannaCry were around $8 billion and largely uninsured.

Cyberinsurance usually provides coverage in the event of a data breach. In the case of a ransomware attack, it might cover the cost of the ransom paid, too. Check the details of any specific policy to see if you would have financial protection if valuable information were lost to ransomware.

Backup your critical data

Most ransomware targets local storage, i.e. hard drives. These attacks can be particularly devastating if the affected data is the only copy available and you have no way to decrypt the disk. Even if you do pay the ransom, there’s no guarantee you’ll get everything back.

Your best recourse is to have a comprehensive backup strategy in place. By having additional copies of your information stored both locally and in the cloud, you face less risk from ransomware since you can restore from backup.

Install antivirus software and keep it – and everything else – updated

There are numerous forms of ransomware out there. While new ones that can slip past defenses are always emerging, the majority of variants are well-known. Accordingly, they are blacklisted by antivirus software and can be detected before they can do harm.

To maximize the efficacy of your antivirus software, ensure that it’s regularly updated with the latest definitions and performance optimizations. This is a good rule of thumb for all software, since outdated applications are highly vulnerable to known exploits.

Ultimate Internet Security from Total Defense has your back against ransomware. It updates automatically and defends against a wide range of threats without any degradation in system performance. Learn more today and be sure to chat with our team online if you have any questions about features or pricing.