Posted by Shivali Anand
September 9, 2021 | 3-minute read (572 words)
Ransomware refers to malicious software that infects computers and prevents users from accessing them until a ransom is paid. According to Cybersecurity Ventures, a firm is hit by ransomware about every 11 seconds, and worldwide ransomware damage costs are expected to hit $20 billion by the end of the year.
In widely reported ransomware attacks this summer attributed to Russian-speaking hacker group REvil, hackers gained entry to more than 1,500 global organizations’ computer systems. They accomplished this by exploiting a weakness in Kaseya’s IT management service software.
The hackers’ ransom demands for restoring access to the various companies’ systems totalled $70 billion. Among the firms attacked were dentistry clinics, grocery chains and railways.
What the REvil attacks revealed
REvil’s ransomware attacks showed that it is not only large companies that are at risk. The group also targeted small- and medium-sized businesses. Cybercriminals are not prejudiced; their priority is finding vulnerabilities.
Unfortunately, many business owners are largely unaware they are risk and what is at stake. More importantly, they may not know there are steps they should take right now to protect their data and IT systems.
Here are ransomware-prevention actions firms can undertake now:
The first line of protection against all forms of cybercrime is a firewall to protect your trusted internal network from unknown external ones. Firewalls keep hackers, viruses and harmful software from gaining access to your network. Hardware-based, software-based and cloud-based firewalls are the three types available.
- Install a firewall
Backups can’t prevent attacks, but they are essential in the event a primary copy of data is compromised.
- Perform routine backups
Cybersecurity experts advise:
- Storing backups offline so they are inaccessible to criminals.
- Making immutable backups / read-only copies that can’t be destroyed or altered.
- Making frequent backups. Backup daily and you will lose only a days’ worth of data.
Hackers exploit known vulnerabilities, security flaws or faults in operating systems and other software, so apply every update and patch ASAP. Ensure all software used by your organization is up to date, even programs not currently in use. Secure every device on the network.
- Install updates, fixes and patches
People should only have the permissions needed to do their jobs. This is known as the concept of least privilege in cybersecurity. Remember that hackers frequently use low-level user accounts as an access point. It’s not just the CEO’s account that needs protection.
- Limit permissions
Conduct routine vulnerability assessments and audits to identify possible flaws in your IT infrastructure. Testing should also be done any time new software or other modifications are implemented.
- Test regularly
Hackers can quickly get access by using weak passwords. Most individuals use the same password for multiple purposes and pick basic passwords like 12345 or abcde. Default passwords are easily discovered on the internet, so you should require continual updates.
A strong password includes:
- Enforce strong, unique passwords
- At least eight characters.
- Mixed capitals.
- Tiny letters.
- Special characters.
- No words from a dictionary.
Employees are weakest security link. Regular cybersecurity training can raise awareness and develop a sense of urgency.
Cybersecurity employee training should cover:
- Make sure staff understand the importance of cybersecurity
- Knowing how to spot phishing scams.
- Why malicious software and websites constitute a threat.
- The significance of using strong passwords.
- Knowing how to safeguard credentials.
- Knowing how to keep their devices up to date with the latest software.
- Not opening attachments from unknown or untrusted individuals.