Ransomware is one of the most dangerous threats out there to many organizations today. If you haven't heard of it by now, it's when a hacker is able to access your computer to encrypt all your files and data. The hacker then asks you to pay a ransom to get back access to your files.
You may be telling yourself, "Well I have backups of my data", or "What are the chances of that happening to me?". The truth behind it is.... we can all be hacked! Hackers today no longer only go after big corporations, they also put traps on the internet hoping for someone to fall prey. They may disguise their trap as "Free Antivirus" or "Download the #1 PDF reader" and not knowing any better to the untrained eye, the victim clicks and downloads the virus.
What makes this even worse, is that downloading a virus is just one method to get infected by ransomware. We still have PC vulnerabilities, e-mail attachments, file transfer, Dropbox, OneDrive, and many more different ways to get hacked.
So, what can we do to protect ourselves? Here are 5 methods you can use to protect yourself.
1) Be active, not passive
Invest in anti-virus software. Most anti-virus software vendors out there today have added additional security features to prevent you from going on malicious websites, or even allowing you to download viruses onto your computer. Make sure to check out the features of what you're installing first as some providers give you basic protection when you may actually need the upgraded package.
Backups are really important when it comes to ransomware resiliency, some advanced types of ransomware can affect backups, so make sure you keep a "not connected" or "offline" copy of your backups. This will allow you to restore your data if you ever need to.
3) Create a handbook for tackling cyber-incidents
Because all cyber-attacks differ, we need to assign the correct personnel to handle different scenarios. If you're an organization, have a huddle meeting with your team to run through some scenarios and how you may tackle a situation from different approaches.
You don't need a degree to protect yourself against attacks. Sometimes having a quick 2 minute video demonstration or an e-mail of what to look out for each week can go a long way in protecting yourself against hackers. There are also some automated programs for organizations that help test and train employees on cybersecurity.
One model that is becoming more popular is Zero-Trust. A person trying to connect their device to the company network must be authenticated and verified before getting access. Think about it this way, you wouldn't give the keys to your brand-new BMW to anyone you just met. You may ask a question like "Why do they need my car" or verify that the person is trustworthy before you hand over those keys.
Cybersecurity is no joke, it's not only a matter of dollars and cents to get back up and running, but there are also other impacts such as your company's reputation, increased insurance premiums, regaining lost customer's trust and other factors. Investing in your cybersecurity today, can save you millions in lost revenue or even years of time recovering.