In the past few years, you’ve likely heard reports about ransomware. Computers are locked and files encrypted by malicious programs designed to extort money from users. In 2015, the Internet Crime Complaint Center had reports of 2,500 cases of ransomware costing victims $24 million in the US alone.
Once ransomware is unwittingly installed on devices, the perpetrators demand payment for the decryption key or for unlocking the files. Not all victims get their files back, even after paying the ransom, making ransomware highly profitable for the hackers and extremely dangerous for users.
While it may be impossible to completely protect your computers and network from ransomware, here are a few tips that can help.
Educate Your Staff
Make sure all your users understand the dangers of ransomware and how to recognize phishing attempts. Caution them never to open unexpected files and not to click on links contained in email, no matter how legitimate it looks.
Regular Backups and Maintenance
Make frequent backups of every device on your network. Don’t rely on users to remember to do this—make it automatic. The best bet is to back up multiple times per day. Make sure all software is current with patches and security updates, especially antivirus software. Also, ensure you have strong firewalls in place.
Limit User Permissions
To help limit the spread of ransomware across your network, only give employees access and permissions to what is needed for their specific job. Ensuring that users are not members of elevated permission groups like domain administrators will help you keep the damage in check.
Know What to do When Infected
It may be too late to save the infected computer, but try to limit the spread of the malware to others. Many users turn off their PC and reboot it if they have a problem assuming that will fix the issue. With malware, this just opens the door to the spread of infection. Immediately disconnect the affected device from the network, shut it down, and contact your IT department. The affected user should not waste time trying to fix the computer themselves since time is of the essence in preventing malware from spreading.
These few security steps lay the initial groundwork toward building a more secure infrastructure to ward off future ransomware attacks.