There is no doubt that ransomware continues to still be considered a big threat to businesses. The UK’s National Crime Agency (NCA) is warning in its most recent report that the overall threat from cybercrime has increased during the past year, with more severe and high-profile attacks against victims. Of particular concern for the NCA is the growth of ransomware “causing harm to our citizens and communities on a significant scale,”
In the U.S., this was most recently seen with the Colonial Pipeline ransomware attack, which eventually led to panic buying, gasoline shortages and price increases. In response to this ransomware attack, the U.S. Department of Homeland Security (DHS) has just issued new pipeline cyber security requirements.
Now, a new report by ISACA says that just over two-thirds (67%) of IT professionals expect their organizations to take new precautions in light of the Colonial Pipeline attack. While this could be a great step forward, the same report highlighted that 38% of respondents said their company has not conducted any ransomware training for their staff, which could potentially lead to issues in the event of a ransomware attack or even lead to a ransomware attack itself.
So, if you are feeling like the 67%, what should you do to better fortify your cyber security defenses? Here are 4 things you can do to better protect yourself from ransomware.
- Keep systems up-to-date by regularly patching
Patching systems on a regular basis is key to preventing criminals from exploiting known exploits in systems.
- Ensure all staff are regularly trained to spot phishing emails
Most malware/ransomware seems to come into a network via a phishing email, where a user is tricked into downloading the malware, or by giving up credentials that a cyber criminal can use to log in and install ransomware. By regularly training staff to recognize phishing attempts, as well as letting them know how to report it is helpful to prevent ransomware outbreaks.
- Use multifactor authentication wherever possible
Multifactor authentication uses something a user has and something the user knows to log into their systems. As passwords are routinely stolen and put on the dark web, using a password alone for authentication can put your organization at risk. By using multifactor authentication, it makes it more difficult for a hacker to break in, as they now need a second piece of information (be it a one-time SMS code or token).
- Keep offline and offsite backups of all important data
One of the reasons ransomware has been so lucrative for criminals is because organizations have been willing to pay to get their data back. If you are able to keep copies of your data backed-up somewhere where they can’t also be infected with ransomware, then you have less reason to pay a criminal to get your data back.
If ransomware is keeping you up at night, contact Uzado today. We can help your organization with patch management, cyber awareness training, multifactor authentication and backing up your data.