92% of the companies that paid a ransom following a cyberattack do not recover their data. (Forbes). This is a practice that is becoming more and more prevalent and here is how to protect yourself and react if your organization suffers such an attack.
Ransomware Attack
Ransomware is a type of malware that restricts access to your files and displays a message demanding payment (ransom) in order to free your data. Cybercriminals restrict access to your data, either by encrypting it or by locking down your systems. The two main ways to attack are through phishing emails with malicious attachments and through advertisements on websites.
Avoiding Ransomware
Here are some tips according to the Government of Canada to avoid ransomware in your organization:
1.Provide security awareness training to all your employees.
Employee awareness is the most effective way to avoid data theft and having to deal with ransomware. Phishing scams succeed because employees are not trained enough to identify and avoid them. At MS Solutions, we offer training with the objective of raising awareness of cybersecurity threats and developing their skills to identify the threats your organization may face. See the details of our cybersecurity training for employees.
2.Update your operating system and applications.
Updates help secure your software with necessary security patches and vulnerability fixes. For example, Windows often updates to counter new attacks. Enabling automatic updates can be a way to ensure you are always safe.
3.Limit access to those who need it.
Give limited access to your employees and give access only to those who need it, according to their tasks. Limiting access helps reduce your risk of being a future victim of cybercrime.
4.Use multi-factor authentication (MFA).
To improve your cybersecurity, adding layers of protection is very important to protect your sensitive data. Today, having only a strong password is in most cases insufficient.
5.Back up your data.
Back up your data frequently and store it offline. If you make backups online, they could be compromised during the attack. With these offline backups, you will be able to recover your secure files without having to negotiate and respond to ransom demands. Backups go a long way in reducing the consequences of a ransomware attack.
6.Run simulations.
If your employees are aware of ransomware threats and know what to do in the event of an attack, your organization will be able to manage the situation and recover faster. We offer a corporate phishing awareness solution for employees using our Vigilance by MS Solutions tool.
If you are under attack, here’s what to do
- Isolate the infected device;
- Try to determine the type of ransomware;
- Reset the device and erase all data;
- Update the device;
- Change all your passwords;
- Report the crime, to your local police department as well as the Canadian Anti-Fraud Centre and the Canadian Centre for Cyber Security.
If you have any further questions, please do not hesitate to contact one of our experts on this subject.
In Short
Be alert to attacks on your organization. At MS Solutions, our mission is to protect our customers with maximum security. Contact one of our specialists to learn more about our training and secure outsourcing services.
