Once your files have been encrypted, the game is almost always over. Backups are often out of date and missing critical information.
Ransomware has become increasingly sophisticated and effective at separating users from the contents of their computers. For example, sometimes it targets backup files on an external drive. You should make multiple backups — to cloud services and using physical disk drives, at regular and frequent intervals. It’s a good idea to back up files to a drive that remains entirely disconnected from your network.
Update and Patch Your Systems
The recent SamSam virus-like attack takes advantage of at least two security vulnerabilities on servers, including one discovered in 2007. Updating software will take care of some major vulnerabilities. Browsers such as Chrome will automatically update behind the scenes, saving you the time and deterring hackers.
Use Antivirus Software
It’s basic but using antivirus will at least protect you from the most basic, well-known viruses by scanning your system against the known fingerprints of these viruses. Low-end criminals take advantage of less savvy users with commonly known viruses, even though malware is constantly changing and antivirus is frequently only days behind detecting it.
Educate Your Workforce
Basic cyber hygiene such as ensuring workers don’t click on questionable links or open suspicious attachments can save headaches. System administrators should ensure that employees don’t have unnecessary access to parts of the network that aren’t critical to their work. This helps limit the spread of ransomware if hackers do get into your system.
If Hit, Don’t Wait and See
When hackers hit MedStar Health Inc., the hospital chain shut down its network as soon as it discovered ransomware on its systems. That action prevented the continued encryption — and possible loss — of more files. Hackers will sometimes encourage you to keep your computer on and attached to the network but don’t be fooled.
If you’re facing a ransom demand and locked out of your files, law enforcement and cybersecurity experts discourage paying ransoms because it incentivizes hackers and pays for their future attacks. There’s also no guarantee all files will be restored. Many organizations without updated backups may decide regaining access to critical files, such as customer data, and avoiding public embarrassment is worth the cost.
The hackers are counting on that.