Ransomware attacks on businesses shot up in 2016, with the creation of new ransomware families increasing threefold between Q1 and Q3 of the year and attacks jumping from every two minutes to every 40 seconds, according to the Kaspersky Security Bulletin 2016 (you can download the full report here). For individuals, frequency of attacks has gone from every 20 seconds to every 10.
Criminals use common forms of ransomware such as crypto-malware to lock users out of their systems and demand money (ordinarily via Bitcoin) to allow them to regain access. But while ransomware has seemingly gotten more sophisticated, we're far from helpless with various protections and fight back techniques available to those in the know.
Here are three simple things you can do that will help keep yourself and your company more secure against ransomware attacks.
Backup your data
Arming yourself with the knowledge of how to effectively fight back against ransomware attacks is one of the most vital tools your business can have in its arsenal. There are many simple and effective security solutions out there, but prevention is often the best form of defence in these cases.
It sounds simple, but backing up your data is the number one thing you can do to protect it from being lost in the event of an attack. According to Kaspersky, one in five of companies who are hit by crypto-malware never get their data back (even if they pay the ransom), so there are no guarantees information will be safe unless it's backed up somewhere secure. You can read more about this in Kaspersky's full report.
Take a moment today to make sure everything is up to date, whether you are using a cloud storage platform or a physical hard drive, and make it a regular part of your work schedule to do this.
Make sure the latest version of software is on all devices
Various trends in 2016 - such as a rise in Ransomware-as-a-Service (RaaS) - have increased the risk and awareness of ransomware moving forwards, and companies and individuals must increasingly make sure they know about the dangers these kinds of attacks can pose to their data.
Another basic habit that could save a lot of aggravation down the line is making sure software is always up to date. Attackers can seize upon gaps in security on older versions, so don't make it easy for them - never put off updating apps and software when prompted, and tell colleagues to do the same. So many significant attacks have been successful because of security holes present in outdated software, but these can be easily prevented with just a few moments of your time.
Know what to do when you're hit
With all the care in the world, it's possible that you will suffer from a ransomware attack at some point. This just means that you should spend a few minutes reading up on what to do (and what not to do) if and when it does happen.
For starters, report the criminal activity to the authorities as soon as possible, and arm yourself with one of the many free decryption tools to give yourself the best chance of retrieving your data. Read more tips on this in the Kaspersky Security Bulletin (download here).
It's also important to know that you should never, ever pay the ransom, as there is no guarantee that the person behind the attack will follow through on their end of the deal. Often, sophisticated cybercriminals offer help and advice to victims on how they could buy bitcoin in order to pay the ransom, but this is obviously not in their best interests. In fact, paying will simply make you a bigger target, and more money could be demanded next time.
