10 controls to guard against ransomware

Hackers are out to get you. That’s not hyperbole, they really are. And ransomware is one of their most powerful tools. So, it’s essential to guard against it, and them.

What is ransomware?

A malicious software that will lock you out of your computer or system until you pay a sum of money to regain access – as the name suggests, they are holding you ransom. 

The most common way to put ransomware on your computer is phishing. Hackers send an email that looks like it’s from a legitimate business and encourage you to click on a link that downloads their malware onto your computer. They can also get you via insecure Wi-Fi networks and fake websites, among other tactics.

How to guard against ransomware

1. Phishing training – Train your staff to spot and avoid phishing emails. Maybe even send out a fake phishing email to demonstrate how easy it is to fall for the scam. Regular training sessions will help staff remain vigilant 
2. Back up your data – if you keep your data on a hard drive or perhaps the cloud, then it will still be accessible to you even if you are held to ransom, thus reducing their power. You should back up your data once a day.
3. Update your systems – the hacker vs security system game is one of cat and mouse. One gets better, and the other works out how to beat it. So, it is important to make sure you are continuously updating your security software to protect you from hackers.
4. Segmentation – the Titanic was segmented, so if it had a collision, even if a compartment flooded, the water would not spread to the rest of the ship. This is one of the reasons it was considered unsinkable. The same theory applies to your network, though hopefully with a bit more success than the Titanic. Divide your network into smaller sub-networks, so even if there is an attack they cannot get into the whole system. 
5. Fire drills – most builders run fire drills at some point in the year. So when a fire comes, you know what to do. You should develop policies and practice them in the event of ransom where. This should include notifying third parties or clients in the event of a hack. 
6. Intrusion Detection System (IDS) – like a fire alarm, this will let you know if something is in the system. There are plenty of different solutions on the market, some operated by third parties. A good IDS can detect a malicious actor in your system quickly.
7. Never use an unknown USB – this should be covered in your staff training. Though most ransomware attacks come from phishing, this is a potential attack point too. 
8. VPN – if you have to use a public Wi-Fi, a VPN is a useful and easy way to protect you from outside hackers. 
9. Never share personal data – it’s all too easy to give out an email address here or an address there. But that’s all the hackers need sometimes. Be vigilant. If you get a call, text or email from an unknown or untrusted source it’s best not to disclose information. If they are pretending to be a company, you should hang up and contact the company directly. Hackers can use this information to hack or to make a phishing email more believable. 
10. Avoid personal admin on company computers – if staff are using their work laptops for all sorts of different things, aside from work, they are more likely to end up on an insecure website that could download malware onto your system.

Malware is out there, but there are plenty of ways you can avoid it becoming a problem. Above all, have up-to-date software, stay vigilant, and keep training your staff in the latest ways to protect themselves. Prevention is always better than cure.