Ransomware — a type of malicious software that holds files, devices, or systems hostage — has become wildly successful over the last few years. This type of malware gains and subsequently blocks user access to data, and its purpose is to extort money from victims with a “guarantee” of restoring access to the encrypted files and devices.
Like other malware, ransomware infects a device by exploiting a vulnerability in a piece of software or by tricking an unsuspecting person into downloading and running it. Healthcare companies, government institutions, and academic organizations are among the top targets of ransomware attacks. But these days, anyone can be a target, especially if they have attractive data and are likely to pay a significant ransom.
It’s worth noting that most ransomware attacks occur due to poor security practices. So to make sure your small business in Los Angeles, Orange County, Phoenix, or Denver doesn’t fall victim to this prominent threat, follow these simple do’s and don’ts.
- Download software or media files only from verified and trusted websites. Many unscrupulous sites are designed to look harmless and legitimate, but there are trust markers you can look out for. One of these is a closed padlock icon before the website URL. This means that your connection to a site is secure. A green icon means it’s secure enough to handle financial transactions.
- Implement content scanning and filtering on your mail servers. These will make sure that all inbound emails are checked for known threats and potentially unsafe attachments are blocked.
- Use reputable and up-to-date security software. Cutting-edge anti-malware programs, coupled with a strong firewall, can detect, remove, and prevent the latest malware from infecting your systems.
- Keep your systems and software updated. Cybercriminals often target outdated versions as these still have vulnerabilities that can be exploited. Updating your operating systems and installing security patches will help keep your devices stable and safe from the latest threats.
- Use a virtual private network when connecting to a public Wi-Fi network. This allows you to establish a more secure connection and make sure your online activities are virtually untraceable. However, it’s best to avoid using public Wi-Fi when accessing sensitive information or making confidential transactions.
- Do not click on links in untrusted sites and emails. There are instances where they don’t actually lead to the specified URL. Hover over the link to reveal the target URL or verify its legitimacy by looking for the page yourself using a search engine. In any case, avoid clicking on dubious links, as doing so could automatically download and run malicious software on your device.
- Do not download, and — more importantly — do not open, suspicious email attachments. This is one of the simplest ways to get your device infected. Verify who the email is from, and even if it is from someone you know, be sure to confirm with them whether an attachment is genuine before clicking on it. Otherwise, ignore the message completely.
- Do not provide personal or confidential business information when answering an unsolicited email, instant message, text message, or phone call. Cybercriminals often use social engineering tactics to trick people into installing malware or gain intelligence that they can then use in their attacks.
- Never plug flash drives or other removable storage devices into your computer if you don’t know what they contain or where they came from. These may be infected with ransomware and are just waiting for unsuspecting victims to unleash them into their systems.
- Should your data be compromised, do not pay the ransom. There is no guarantee you’ll be able to regain access to your files, and doing so will only encourage and fund the attackers.
Backup is key
If a ransomware blocks access to your data, you can easily restore your files if you have a backup or a clean copy of your data. You can back up using an external drive kept off-site or via the cloud, but remember to do this periodically to ensure you have the latest copy of your information. If you’re prone to forgetting, then you can set reminders or take advantage of automatic backup services.