Protecting Your Business from Ransomware Attacks

In another recent blog post I outlined what ransomware is and the huge threat it poses to business and industry.  Now I’d like to briefly discuss some of the practical steps that any business can take to reduce the chances they’ll become the victim of a ransomware attack. 

It all Starts with Employee Training

Most ransomware attacks are the result of subterfuge, tricking a company’s employees into downloading malware onto their company’s IT system.  From the crooks’ standpoint, this is a much more effective and productive mode of attack than trying to breach a network via port scans and brute force.

Phishing is the way this is often done.  A phish is a malevolent email that resembles a legitimate communication.  Often the phish mimics the appearance of a real email, complete with logo and familiar color schemes. Contained within the phish is a link or an attachment for download  that the recipient is asked to click in response to a request or to “verify” data.  Of course, the link is nothing more than a means for downloading malware onto the victim’s computer that will eventually open the door to the company’s network.  Once the network is breached, the criminals can proceed with downloading and encrypting as much data as they want.

So, the first line of defense, and the most important, is training people to recognize and avoid phish emails.  Some phishes are dead giveaways with their misspellings, grammatical mistakes, and poorly executed graphics.  Others are more sophisticated and seem on the surface entirely legitimate. 

However if you hover on the sender’s name in the address line, you’ll see the origins of the email.  If it doesn’t match the sender’s name,  it’s not from the purported source.  Likewise, check the spelling of the sending entity’s name very carefully.  Criminals like to choose names that closely resemble a legitimate sender’s name, counting on people in a rush to assume that it’s for real.  Fed-EXX is not the same as Fed-EX.

Common sense is also an effective defense.  If you aren’t expecting a package, why would “Fed-EX” or “DHL”  notify you that they need your address to make a delivery?  Why would Discover credit card ask you to verify your card number when you don’t have a Discover card?  If an email makes no sense to you or it promises something too good to be true, it’s almost certainly a phish that needs to be trashed ASAP.

Here at LevelUp MSP, we conduct extensive customer training courses to help our clients recognize phish attacks and deal with them appropriately.  We also provide a service where clients can forward to us suspicious emails for our detailed analysis. 

The golden rule is:  if you have any doubts at all about an email, don’t click on any links contained within it.   

Harden your Network to Resist Attacks

The second line of defense has to do with hardening your network to mitigate the effects of a ransomware attempt. Backing up your data on a regular basis and storing that data in a secure off-site location is an effective way to protect against ransom attacks and disasters of all varieties.  If data backup is not part of your regular IT maintenance agenda, it needs to be ASAP. 

Run checks and tests to make sure that your network has the latest security technologies. If you or your IT specialist is unsure how to best accomplish this, it makes sense to bring in a third party who knows what to do.  For years, our clients throughout Silicon Valley and  Northern California have turned to LevelUp MSP to assist them with ensuring the security and integrity of their networks.  Please know that we’re here to help you too.  

Take Action to Protect Your Data

When I hear about a company being victimized by ransomware, my reaction is one of sympathy, but also outrage. Criminals take from all of us, and a firm’s road to recovery can be long, expensive, and painful. No one should have to deal with it. 

However, what I can’t understand, and never will understand, is how companies that have been victimized by ransomware continue on – business as usual – without taking any kind of preventive actions.  Why would anyone set themselves up for a repeat of such a security disaster, especially when it’s so avoidable? 

As a service provider, we’re dedicated to protecting our clients from all forms of  cyber threats.  Ransomware attacks are real and dangerous, but they can be repulsed. Working together, we can make that happen.