In this third and final part of our cybersecurity series on ransomware, we will discuss behaviors that impact your probability of being targeted. In Part 1, we talked about common entry points of ransomware through the human firewall such as phishing emails containing malicious attachments or through drive-by downloading. We also briefly covered how to protect your assets and minimize the damage. In Part 2, we discussed myths and assumptions about ransomware and the importance of a cyber insurance policy.
The unfortunate truth is that many victims of ransomware make themselves vulnerable to attack. Better cybersecurity is possible, however, and can do a lot to prevent an incident before it happens.
All it takes is one naive user clicking on a suspicious link or trusting a phishing email to let the bad guys in.
There are a LOT of variables in responding to a cybersecurity attack, and scrambling to get them sorted after an attack happens virtually ensures a failed response.
Protecting your data effectively requires knowing exactly where it is stored and which pieces are critical to your daily functioning. If your information is scattered across systems and networks and you don’t know what is where you are extremely vulnerable to a cybersecurity incident.
It isn’t enough to keep sensitive files offsite and backup regularly. If your backup isn’t recent, doesn’t contain all of the vital information, or isn’t adequately encrypted, you’re still at the mercy of your attackers. The key to beating ransomware pirates is frequent backups, but that only works if you can recover your data before their payment deadlines. If you’re relying only on old school tape backup, that isn’t going to happen.
Basic security training and awareness of common attack methods for every employee can go a long way toward mitigating your risk.
Plan out every detail of how you will respond to an attack ahead of time, including call chain orders, PR, and contingencies.
Knowing where every piece of data is stored, which parts are critical to your functioning, and how they are protected gives you a distinct advantage in the event of an attack.
A hybrid backup that uses both local backups and copies stored on a private or public cloud to entirely restore the operating system, all applications, and all user data protects against ransomware variants that can spread across the local network and allows you to essentially go back in time to before the infiltration occurred. Perform backups frequently and encrypt your data.