Do you have data backups? Have you tested your backups to make sure they’re good?
Do you have a Disaster Recovery plan? Have you tested your Disaster Recovery plan?
We ask, because good backups, a Disaster Recovery plan, and the frequent testing of both is CRITICAL to addressing the tremendous spread of Ransomware. Typically, a business or person that gets ransomware is going to pay far more in terms of hiring security experts, reputation damage control, and legal fees than they would for the ransom itself. GET AHEAD OF THIS!
The ransomware evolution has begun. You NEED to make your data resilient to loss. We know there’s no such thing as being 100% secure, but you can definitely get close. And as we like to say, “You don’t have to outrun the bear; You just have to outrun your friends”. Think of the bear as ransomware and make sure your layers of security are more advanced than those of other businesses and you’ll be less of a target.
Take a look at this article. It details the mentality of a particular hacking group that has decided that it’s not enough to just hold your data ransom and to wait for a payment; They intend to extort you with data leakage as well.
What can I do to prevent ransomware infections?
- Update and patch your computer. Ensure your applications and operating systems (OSs) have been updated with the latest patches. Vulnerable applications and OSs are the target of most ransomware attacks.
- Use caution with links and when entering website addresses. Be careful when clicking directly on links in emails, even if the sender appears to be someone you know. Pay attention to the website addresses you click on, as well as those you enter yourself. Malicious website addresses often appear almost identical to legitimate sites, often using a slight variation in spelling or a different domain (e.g., using the lowercase L instead of a capital I or .com instead of .net).
- Open email attachments with caution. Be wary of opening email attachments, even from senders you think you know, particularly when attachments are compressed files or ZIP files.
- Keep your personal information safe. Check a website’s security to ensure the information you submit is encrypted before you provide it.
- Verify email senders. If you are unsure whether or not an email is legitimate, try to verify the email’s legitimacy by contacting the sender directly. Do not click on any links in the email. If possible, ask them face to face. If not, try using a known good phone number to call them and ask if it is legitimate. If neither of those is possible, use a previous (legitimate) email to ensure the contact information you have for the sender is authentic before you contact them.
- Inform yourself. Keep yourself informed about recent cybersecurity threats and up to date on ransomware techniques. You can find information about known phishing attacks on the Anti-Phishing Working Group website.
- Use and maintain preventative software programs. Install antivirus software, firewalls, and email filters—and keep them updated—to reduce malicious network traffic.