Ransomware attacks on businesses shot up in 2016, with the creation of new ransomware families increasing threefold between Q1 and Q3 of the year and attacks jumping from every two minutes to every 40 seconds, according to the Kaspersky Security Bulletin 2016 (you can download the full report here). For individuals, frequency of attacks has gone from every 20 seconds to every 10.
Criminals use common forms of ransomware such as crypto-malware to lock users out of their systems and demand money (ordinarily via Bitcoin) to allow them to regain access. But while ransomware has seemingly gotten more sophisticated, we're far from helpless with various protections and fight back techniques available to those in the know.
Here are three simple things you can do that will help keep yourself and your company more secure against ransomware attacks.
Backup your data
Arming yourself with the knowledge of how to effectively fight back against ransomware attacks is one of the most vital tools your business can have in its arsenal. There are many simple and effective security solutions out there, but prevention is often the best form of defence in these cases.
It sounds simple, but backing up your data is the number one thing you can do to protect it from being lost in the event of an attack. According to Kaspersky, one in five of companies who are hit by crypto-malware never get their data back (even if they pay the ransom), so there are no guarantees information will be safe unless it's backed up somewhere secure. You can read more about this in Kaspersky's full report.
Take a moment today to make sure everything is up to date, whether you are using a cloud storage platform or a physical hard drive, and make it a regular part of your work schedule to do this.
Make sure the latest version of software is on all devices
Various trends in 2016 - such as a rise in Ransomware-as-a-Service (RaaS) - have increased the risk and awareness of ransomware moving forwards, and companies and individuals must increasingly make sure they know about the dangers these kinds of attacks can pose to their data.
Another basic habit that could save a lot of aggravation down the line is making sure software is always up to date. Attackers can seize upon gaps in security on older versions, so don't make it easy for them - never put off updating apps and software when prompted, and tell colleagues to do the same. So many significant attacks have been successful because of security holes present in outdated software, but these can be easily prevented with just a few moments of your time.
Know what to do when you're hit
With all the care in the world, it's possible that you will suffer from a ransomware attack at some point. This just means that you should spend a few minutes reading up on what to do (and what not to do) if and when it does happen.
For starters, report the criminal activity to the authorities as soon as possible, and arm yourself with one of the many free decryption tools to give yourself the best chance of retrieving your data. Read more tips on this in the Kaspersky Security Bulletin (download here).
It's also important to know that you should never, ever pay the ransom, as there is no guarantee that the person behind the attack will follow through on their end of the deal. Often, sophisticated cybercriminals offer help and advice to victims on how they could buy bitcoin in order to pay the ransom, but this is obviously not in their best interests. In fact, paying will simply make you a bigger target, and more money could be demanded next time.
-
How to implement a four-day week in techIn-depth More companies are switching to a four-day week as they look to balance employee well-being with productivity
-
Intelligence sharing: The boost for businessesIn-depth Intelligence sharing with peers is essential if critical sectors are to be protected
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crimeNews A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaosNews Thousands of ransomware cases have already been posted on the dark web this year
-
Everything we know about the Ingram Micro cyber attack so farNews A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.
-
A prolific ransomware group says it’s shutting down and giving out free decryption keys to victims – but cyber experts warn it's not exactly a 'gesture of goodwill'
News The Hunters International ransomware group is rebranding and switching tactics
-
Swiss government data published following supply chain attack – here’s what we know about the culpritsNews Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackersNews While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker groupNews An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabsNews An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
