In 2022 ransomware attacks are on the rise and a major concern for businesses in every industry. Growing in sophistication and success, these attacks result in billions of dollars paid to cybercriminals and cost businesses even more in downtime and lost productivity. This year, businesses are targeted by ransomware attacks every 40 seconds.
What is ransomware?
A form of malware, ransomware locks or encrypts a user’s files or devices so they can’t be accessed, and a ransom fee must be paid to restore them. Cybercriminals commonly incentivise the payment of this ransom by threatening to leak, permanently block or corrupt the data.
How is ransomware spread?
- Cybercriminals typically use phishing and spam emails to deploy ransomware. In fact, two thirds of ransomware infections are delivered via email.
- Ransomware can also be deployed via drive-by downloading when users visit infected websites. Most drive-by downloads occur because users haven’t updated their operating system or browsers, leaving them vulnerable to cyber threats. These updates contain important security upgrades that better protect devices against malware (including ransomware) and viruses.
Should you pay the ransom?
If your business does become the victim of a ransomware attack, paying the ransom isn’t advised. Why? It won’t ensure your data will be recovered or stop it from being leaked, which can result in lost money in addition to lost data. There’s also evidence that paying the ransom can make your business an attractive target for future attacks.
Ready to strengthen your lines of defence against a cyber-attack? We’ve put together five essential methods below.
How to protect your business against a ransomware attack
1. Keep your team educated and up to date with Cyber security best practices
An essential line of defence against a ransomware attack is your team – after all, 90% of cyber-attacks are successful due to human error. Ransomware attacks are commonly facilitated by methods that require user action, like clicking a link in a phishing email, so it’s critical your staff can identify and avoid cyber threats.
Our Cyber Awareness Training (CAT) platform provides a complete solution to train and test your employees on cyber security best practices and keep cyber awareness top of mind. The program includes a policy toolkit, risk reporting, video training, phishing simulations, and dark-web scanning. Find out more about it here.
2. Ensure data and systems are backed up on an external drive or cloud server
Having an externally located version of systems and data is a critical step in preparing for cyber-attacks. This should be backed up and tested regularly and will mitigate the loss of data, or the need to pay a ransom fee in the event of an attack.
3. Implement email gateway security
Email gateway security provides an additional line of defence, filtering out emails with unknown senders and links before they can reach your inbox. This means fewer phishing emails, and less room for human error.
4. Regularly update systems and software
Outdated legacy systems are a prime target for cyber criminals, allowing vulnerabilities to be exploited. Ensuring systems and software are kept up to date is a critical step in protecting your business.
5. Use endpoint security software
Each device connected to your network is an endpoint that has the potential to be vulnerable to cyber-attacks. Endpoint security software allows administrators to remotely manage each device connected to your network’s security through a centralised console. This software allows businesses to identify and respond to malware (including ransomware) and cyber threats.
How we can help
When you want to put stronger precautions in place and better protect your business against ransomware attacks, we’ve got the solutions to help. Our cyber security packages can be tailored to include phishing protection and advanced web filtering so cyber threats are stopped in their tracks before they reach your team.
Contact us for a cyber threat assessment – we look at data collected from your network to better understand your current data risks, threat protection and security compliance requirements.
Call us on +61 8 6381 6900 or chat with us at firstname.lastname@example.org.