Ransomware is still one of the most prevalent and damaging threats facing Internet users. Since the infamous CryptoLocker first appeared in 2013, we’ve seen a new era of highly targeted variants of file-encrypting ransomware delivered via spam messages and exploit kits extorting money from home users and businesses alike.
Today, businesses large and small are no exception to the threat of increasingly aggressive ransomware attacks. Losing access to critical files followed by a payment request can cause a huge disruption to an organization’s productivity. Globally, Sophos’ The State of Ransomware Report 2022 revealed that over the past year, over 66% of organizations were affected by ransomware attacks in 2021, up from 37% in 2020. Additionally, the average ransom paid to receive $812,360 was encrypted on their data, with 11% of victims paying a ransom of $1 million or more. In addition, it is imperative that businesses implement best practices to stay protected from ransomware, and here’s how:
For all the latest news, follow The Daily Star’s Google News feed.
1. Back up regularly and keep a recent backup offline and off-site
In the event of a ransomware attack, having an encrypted backup can save businesses valuable time and financial resources to get operations back up and running. Having a backup that is regularly updated and available offline and off-site also ensures that leaders don’t have to worry about the backup device falling into the wrong hands.
2. Allow file extensions
3. Be careful with unsolicited attachments
Ransomware attackers rely on the dilemma users face, knowing that they should not open a document until they are sure of the sender and its contents. In cases where the authenticity of an email cannot be verified, it is a good practice to exercise caution and report suspicious content.
4. Monitor administrator rights
IT teams need to ensure they are constantly reviewing administrator and domain administrator rights and are up to date on who has them and removing those who don’t need them. Additionally, users should not remain logged in as an administrator for longer than strictly necessary, and should avoid browsing, opening documents, or other regular work activities while they have administrator rights.
5. Use strong passwords
It sounds trivial, but it really isn’t. A weak and predictable password can give hackers access to an organization’s entire network in seconds. It is recommended that users use passwords that are at least 12 characters long, using a mix of upper and lower case letters and adding some random punctuation Ju5t.LiKETh1s!