In-depth

How can you protect your business from crypto-ransomware?

Here are some easy-to-apply rules to help keep your data - and your business operations - safe

Crypto-ransomware, also known as cryptors, is a specific type of ransomware where the files and data that are stored on the infected device are encrypted into an unreadable form. This means the data can only be decrypted by using the necessary decryption key, which is only released by the criminal after the victim has paid the ransom demand.

Consumers affected by crypto-ransomware are usually faced with demands of 250 to 500, but ransom charges for businesses can be much higher as cybercriminals understand just how valuable data can be. If the ransom goes unpaid, the price will steadily increase until the decryption key is deleted, making it virtually impossible to recover the files. But even if a ransom is paid, there's no guarantee the data will be decrypted.

A recent report from Chubb has revealed that ransomware attacks for 2019 have already outpaced the total number of incidents in 2018. Although any company can be affected by ransomware, professional and financial services are a particularly attractive target. 

"Some ransom demands have grown to the six- and seven-figure range," said Michael Tanenbaum, Head of Chubb Cyber North America. "It is critical for businesses to understand the increased sophistication of ransomware, what procedures and systems need to be in place to mitigate the risk, and what solutions they need to protect themselves should they experience an attack."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

A temporary loss of data can disrupt business-critical processes, and could lead to lost sales, reduced productivity and significant costs for system recovery. However, the permanent loss of data can have much more severe consequences, from damaging the company's competitive position to preventing access to intellectual property and design data.

In common with most other types of malware, there are many ways in which a cryptor can find its way onto business computers and other devices. Here are some easy-to-apply rules to help keep your data - and your business operations - safe.

Educate users:

People are often the most vulnerable element in any business. Teach employees about IT security basics, including raising awareness of phishing and spear-phishing attacks. Emphasise the security implications of opening suspicious-looking email attachments, even if it appears to be from a trusted source.

Security awareness training programmes can be a good way of ensuring employees are aware of the latest threats, and to keep security front-of-mind for staff.

Related Resource

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

Regularly back up data:

Advertisement - Article continues below

The best way to keep business data safe is by backing up systems regularly. With a good backup system, a ransomware attack won't have a catastrophic effect on business continuity.

Almost all businesses will already have data back up policies. However, it's also essential to back up data onto an offline backup system, rather than just copying files to another live' system on a corporate network. Establishing a back up and disconnect' policy will help keep backup files safe from cryptors.

Protect all devices and systems:

Cryptors don't just attack PCs. Business security software must also be able to protect Mac computers, virtual machines and mobile devices. It is also worth ensuring there is sufficient protection installed on the organisation's email system.

Advertisement
Advertisement - Article continues below

But as well as protecting devices and internal systems, it's also important to make sure that third-party applications are updated as well. Hackers can easily leverage a vulnerability in a popular application to breach your network and start infiltrating other systems.

Deploy and maintain security software:

Advertisement - Article continues below

As with all malware prevention, updating and patching early and often is a valuable policy to follow. Updating all applications and operating systems will allow elimination of newly discovered vulnerabilities, and ensuring security applications and anti-malware databases are up-to-date will enable the business to benefit from the latest protection.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/malware/33080/hackers-abuse-linkedin-dms-to-plant-malware
malware

Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019
Visit/digital-transformation/31168/four-ways-cios-can-drive-digital-transformation
digital transformation

Four ways CIOs can drive digital transformation

17 Jan 2020
Visit/strategy/28223/cio-job-description-what-does-a-cio-do
Business strategy

CIO job description: What does a CIO do?

7 Jan 2020
Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

23 Dec 2019

Most Popular

Visit/business-strategy/public-sector/354608/uk-gov-launches-ps300000-sen-edtech-initiative
public sector

UK gov launches £300,000 SEN EdTech initiative

22 Jan 2020
Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/business-strategy/mergers-and-acquisitions/354602/xerox-to-nominate-directors-to-hps-board-reports
mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020
Visit/network-internet/web-browser/354614/microsoft-developer-declares-its-time-to-ditch-ie-for-edge
web browser

Microsoft developer declares it's time to ditch IE for Edge

23 Jan 2020