How to Stop Ransomware Attacks

Today the official website of the Department of Homeland Security released a document titled “Steps to Safeguard Against Ransomware Attacks”. It was a short article, but let’s delve into it a little more deeply.

The recommendations were aimed at state and local governments to build resilience against ransomware. Fortunately, what works for them works for businesses as well! Here are the three steps they recommend:

  1. Back up systems now (and daily). This is the most critical of the three steps, hence it is number one. It says do it “now”. It’s critical that the backups are on a separate device, NOT another computer on the network! Ransomware players seek out your backups and attempt to sabotage them before the files are encrypted. Get those backups off-site and protected by another layer of security. Of course, once the files are encrypted, the files that go into the backup are encrypted too. Back up every day; multiple times a day is even better. Use a different username and password for the backups. Better yet, pick a backup solution that has ransomware detection, and don’t forget: TEST THOSE BACKUPS! If you can’t restore successfully, they are worthless. Next Century Technologies provides a backup product that tests backups nightly, has built-in ransomware detection and has its own username and password. Have you checked your backups lately?
  2. Reinforce basic cyber security awareness and education. Most successful ransomware campaigns started with a social engineering attack. Phishing emails or fake support calls are the most popular. Train your employees on how to recognize these attacks. Train and re-train. An educational program that offers regular training on the latest attacks is most effective. These guys come up with very creative ways to manipulate people! Next Century Technologies offers programs that can train your employees right from their computers on a regular basis.
  3. Revisit and refine cyber security incident response plans. What is your plan if you are attacked? This one is a little different for non-government agencies. Do you have a trusted IT adviser? Do you have a business continuity plan? If not, we would love to talk to you!

About the Author

Tracy Hardin is President and founder of Next Century Technologies in Lexington, KY. She has a bachelor’s degree in computer science from the University of Kentucky and has earned certifications from Novell, Cisco and CompTIA. Her specialties in the field of IT are network design and security, project management and improving productivity through technology. She loves helping people by sharing her knowledge of tech.

Tracy caught the picture of this 6 ft. rat snake hiding in a neighbor’s tree in an idyllic Lexington suburb. It’s a reminder of how security is sometimes an illusion.