2016 has been the year of the cyber attack. Businesses are being bombarded constantly by cyber threats from every direction. The attacks are more sophisticated and more frequent than ever before. At Safety Net, we’ve managed 22 incidents for Michigan-based clients this year, 7 of which involved ransomware. As we head into 2017, the outlook for cyber threats doesn’t appear to be any better.
Ransomware viruses, such as Cryptolocker, have been the most notable issue this year. There has been dramatic growth in the number of them published, and their sophistication has significantly increased. Ransomware attacks work by infiltrating a system and encrypting its data. To regain access to their valuable data, the user is instructed to transfer a payment (ransom) by a specified deadline, or risk losing their information permanently.
The majority of the time, a virus of this sort starts with a phishing attack disguised as a simple email. The email has a malicious attachment or contains dangerous web link(s). Other times, individuals stumble upon ransomware through various websites. A shocking percentage of these viruses go undetected by antivirus software.
5 tips on how to avoid falling victim:
- Bring in an IT security expert to deliver Cyber Security Awareness Training for your employees.
- Limit Internet usage to business functions. Allow employees to bring their own device for their personal activity.
- Implement a layered IT security tool set — Antivirus, web content filtering, spam filtering, firewall virus scanning and security patch management.
- Ensure all of your data is backed up to a separate system with restricted access and permissions. Check the status of your backups often.
- Restrict employee access to file shares to only those who need them for their job function.
Additional tips:
- Ask your insurance agent, today, about a cyber-protection insurance policy.
- Paying the ransom after an attack should be a very last resort. Most attacks are performed randomly, and you don’t want to provide them with additional information about you.
- If you find yourself infected, if possible, shut down the computer environment and Internet immediately, then call an IT security expert.
- Upon detection of a virus, use a computer that is known to be clean to change your passwords. Many viruses try to obtain access to your local and web logons.
- If you store sensitive information that could have been compromised, contact an IT forensic investigation specialist.
Safety Net’s managed services provide businesses with a fractional IT department focused on cybersecurity protection. These services can help organizations minimize and mitigate their risk against cyber threats.