Ransomware attacks are growing bigger in scope and becoming more sophisticated. Over the past few years, they’ve gone from being a relatively obscure threat to a global epidemic threatening individuals, governments, and businesses alike. But it’s not just big enterprises which get attacked — everyone is a potential target and needs to protect themselves.
#1. Backup your data
This might sound obvious, but it’s something that a lot of organisations still fail to get right, as Britain’s NHS found out when it fell victim to the WannaCry attack in 2017. Not only must all data be backed up, but it should also be stored in a separate, self-contained environment with automated recovery and rollovers.
#2. Embrace the cloud
While migrating to the cloud doesn’t guarantee better cybersecurity by itself, it does provide businesses with the means to reduce their reliance on in-house infrastructure. For example, data stored in the cloud is often stored in at least three separate physical locations. By bringing companies to the cloud, a managed services provider (MSP) can help them boost resiliency.
#3. Educate your employees
Like any other malware, ransomware typically spreads through social engineering scams. It’s a lot easier to dupe people into taking a desired action than trying to remotely hack a computer, after all. That’s why your employees are the first and last line of defence against ransomware and other threats, so it stands to reason that they need to be properly trained.
#4. Avoid opening macros
A lot of ransomware are propagated through automated input sequences known as macros, which are common in programs like Microsoft Word for executing certain commands. While macros are extremely useful in certain cases, they can also be used to launch malicious software. To mitigate the risks, always avoid running macros in documents from untrusted sources.
#5. Disable remote desktop connections
Remote desktop protocols allow users to remotely access their machines, which can be useful when employees are working while on the move. Unfortunately, they’re also a common avenue for hackers to exploit, which is why such connections should be avoided in most cases. Should a hacker gain access, they may be able to disable antivirus software and install malware.
#6. Limit user privileges
Most ransomware attacks can execute without administrator rights, just as a lot of legitimate programmes can. However, ransomware’s biggest weakness is still user privileges. By limiting them to the bare minimum, you can prevent employees from launching any executable ransomware file or script on business devices.
#7. Update your software
A lot of ransomware target outdated operating systems, which is one of the reasons NotPetya and WannaCry were so successful. By targeting, for example, the long-deprecated Windows XP, they were able to gain easy access to the devices running them. Keeping your computers updated and ensuring all your software is still supported will go a long way towards achieving better protection.
#8. Use current anti-malware
Although there’s much more to cybersecurity today than antivirus programs, anti-malware still goes a long way towards protecting endpoint devices, such as computers, smartphones, point of sale systems, and anything else with an internet connection. So long as the device handles sensitive data and is connected to the internet, it must be running up-to-date anti-malware.
OfficeTek offers proactive technology support and expert guidance to businesses in the West Midlands. Call us today to schedule your first consultation.