What is Ransomware and what can you do to protect your business?

Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. Read More....

The following best practices will greatly decrease your chances of being hit by Ransomware. Also check out this Ransomware Response Checklist that can help you put a plan in place if your business is ever hit by Ransomware.

  • Make an offline backup of your data.
  • Do not click on suspicious links.
  • Limit access to resources to your internal networks from outside sources.
  • Ensure devices are properly configured and that security features are enabled. Disable ports and protocols that are not being used for a business purpose.
  • Update your Operating System and application software.
  • Automatically update antivirus and anti-malware solutions and conduct regular virus and malware scans.
  • Conduct regular vulnerability scanning to identify and address vulnerabilities, especially those on internet-facing devices.
  • Upgrade software and operating systems that are no longer supported by vendors to currently supported versions.
  • Prioritize timely patching of internet-facing servers—as well as software processing internet data, such as web browsers, browser plugins, and document readers—for known vulnerabilities.
  • Use strong passwords. Passwords should not be reused across multiple accounts or stored on the system where an adversary may have access. Read More...
  • Use multi-factor authentication when possible.
  • Create, maintain, and exercise a basic cyber incident response plan.