Ransomware is a malicious program that encrypts every file in your system. In order to reverse the encryption and regain access to your files, the victim is required to pay a sum to the attacker, hence the ‘ransom’. This post will go into the details of these attacks and what measures can be taken to prevent them.
How do Ransomware Attacks Occur?
In our experience, most ransomware infiltrates your computer through email phishing or compromised remote desktop access.
“Phishing” is a method of computer hacking where the victim is tricked into clicking a link or opening a file that contains a harmful program. Hackers will pose as your bank, a vendor, a partner, the government, or even a family member and request sensitive information. In the case of ransomware, they may entice you to click for a special offer or open a “time-sensitive document”. Once you click, the ransomware program begins its attack.
Remote desktop is a type of application that allows you to use your PC from anywhere just like if you were sitting at your desk. While this sounds like a luxury, it could be a liability if you don’t have the proper security in place. If your security is lacking, a hacker can exploit your remote desktop connection and download their ransomware program onto your system.
How to Prevent Ransomware Attacks
There are simple steps to take to protect yourself from ransomware, such as a solid antivirus program and network security policies. Consistent training on cybersecurity best practices and frequent reminder memos will help against phishing.
Consider restricting users’ ability to run installers and downloads. Anytime they need to run a download, it will have to be cleared by the IT department. This will stop them from accidentally running the installation of a virus.
Furthermore, you can restrict users’ permissions based on their department. This way, if someone in HR is attacked with ransomware, the files in Sales are not affected.
Recovering from Ransomware
Should all else fail and you find yourself the victim, the easiest way to recover without paying the ransom is working from a backup of your files. The key to a successful recovery is redundancy.
Local, onsite backups may not be enough. Cloud backups, totally separate from your network, would be even better. We’ve performed successful restorations from cloud backups that have got an organization up-and-running in a short time.