Leonard has been an accomplished writer for more than 20 years. He’s been a reporter, editor and marketing writer at daily newspapers and has also worked with a variety of private clients on marketing materials and brand-building.
|EDUCATION: Mass Communication from Central Washington University||BLOG: None provided|
|CERTIFICATIONS: None provided||CURRICULUM VITAE: Must be logged in to view|
Your average computer security expert is likely prepared for the average virus.
Perhaps they’ve installed anti-virus software on all company workstations once in the past, and made all employees sign a document years ago stating that they’ll try and be careful what sites they visit or what files they download.
While this approach to cyber-safety may have been adequate a few years ago, it may no longer be good enough in the scary new era of ransomware: a specific type of malware that makes it easy for an outside perpetrator to encrypt a company’s or individual’s entire networks and databases, and then demand a certain amount of money to provide the ‘unlock’ code.
Malware is much more “vocal” than some past worms that may subtly probe and slip into someone’s defenses once they find a vulnerability and then take their time grabbing data so they may not even be detected for weeks, months or even years.
PCWorld calls ransomware the equivalent of someone with a gun making loud threats and promising to carry them out unless its demands are met. They aren’t so much into actual corporate data like customer identity details or financial information, but prefer cybercurrency like Bitcoins or Monero.
Like ‘real world’ crimes, there aren’t many good options available when these criminals show up, so the smartest move is to be ready for their arrival, or even better, to take steps in your network configuration and security protocols to keep them from showing up at all.
Ransomware has grown in popularity, including a 600 percent increase in reported cases in 2016 over 2015, and more than $1 billion in company losses, compared to $24 million the previous year. All sorts of businesses and government offices and even individuals have been targeted, but small businesses seem especially susceptible, perhaps because many may not consider themselves noticeable targets compared to larger firms, so they don’t make a habit of taking proper precautions.
But here are some smart strategies to anticipate and prevent it:
1. Offer regular employee training in security. Start by sharing horror stories of how companies or municipalities have been quickly and easily victimized. Tell the staff that even something as simple as clicking on an unfamiliar email link or pop-up ad, downloading and running a file you’re not sure of, inserting an unknown thumb drive or doing company business from a public Wi-Fi spot all could introduce ransomware or other threats into a network. Reinforce these lessons regularly, including sharing what clues could tip off someone that an email isn’t legitimate, such misspellings or unusual wording. Creating weak passwords or being careless with documentation can also create vulnerabilities.
2. Keep on top of software updates. If you invested in company-wide anti-virus security programs three years ago, they may still be scanning for programs from that time, and miss newer threats. Commercial or third-party programs can provide regular updates for the latest threats. Active firewalls can also help supplement network protection, especially ones customized to block riskier sites, IP addresses known to be dangerous or even macros, ads or certain scripts.
3. Use separate servers. Use one for public interaction and the other for internal use. It’s common, especially in smaller organizations, to have the front-end customer interface be on the same server as company databases. While this is convenient and cost-effective, it creates vulnerabilities for hackers to access your system.
4. Consider data cloud storage or virtual machines for some databases or data stores. This keeps information away from physical access and also provides an easy ability to pull data down remotely to restore a system if the main database is ever compromised. Some companies use the cloud for daily back-ups but keep the most critical and proprietary information on a separate unconnected in-house terminal.
5. Develop a ‘disaster plan’ company-wide. A documented action plan for a ransomware attack avoids panic by detailing proper processes, options and any decision-makers. For instance, the City of Mountain Home, Ark., recently underwent a ransomware attack on its water department. Rather than taking time to investigate or attempt negotiations with the hacker, officials simply alerted authorities and then deleted and reinstalled the database.