The frequency of ransomware attacks exploded between 2016 and 2017, and there’s no sign that they’re just going to disappear any time soon. Quite the opposite, actually: hackers are designing even more complex attacks that are harder to identify and remove. Use this information to understand how they work and avoid them.
What does Ransomware look like in 2018?
Ransomware typically comes in the form of spoof emails or other infected links that inject your computer with malicious code, encrypting (locking) its files and demanding a cash ransom of several thousand dollars for their safe return. Most of the time, paying the ransom doesn’t do anything besides leave you with significantly less money. We’ll continue seeing more of this in 2018.
However, the proliferation of the Internet of Things (IoT), which includes smart offices, smart homes and smart cars, has given hackers even more opportunities to spread ransomware. In 2018, we may see ransomware attacks that cripple the ability of IoT devices to function, which is obviously extremely dangerous.
Also, more ransomware will target the cloud, which houses tons of business data. Many companies have migrated to cloud-based storage solutions over the last few years, and they should take this threat very seriously.
Finally, Remote Desktop Protocol, which employees use to login to their computers from locations outside of the office, was used as a transmitter of ransomware in 2017. Don’t be shocked if that happens again in 2018.
What can you do to Avoid Ransomware Attacks?
Recognize Suspicious Links and Attachments
The best way to avoid traditional ransomware attacks is to learn what they look like. As we mentioned before, they tend to take the form of suspicious, clickable links or email attachments that infect your computer after you’ve opened them.
As a rule, never click a link or open an email attachment from someone you don’t know.
Keep all Cybersecurity Software Updated
Ransomware is rapidly evolving, and security software companies are stuck playing catch-up. If your firewall, antivirus, antimalware, etc. are outdated; they stand no chance of protecting against the latest strains of ransomware.
Always update them when they prompt you, and check manually from time to time to see if there are any new updates you may have missed.
Secure the IoT
Since the IoT is a relatively new concept, most people don’t think of it as a security threat. Now is the time to secure any IoT devices in your workplace or home by taking the following actions:
- Password protecting all devices.
- Installing all security updates.
- Always using a safe wireless connection.
- Training employees on the importance of cybersecurity.
- Establishing a Bring Your Own Device (BYOD) policy if your business allows its employees to use their own equipment on its network.
Protect the Cloud
Since the likelihood that ransomware will target the cloud, has increased, protect yours by doing the following:
- Encrypting all data.
- Using a virtual private network (VPN).
- Edit employee permissions to data accessibility.
Enforce a Remote Desktop Protocol Policy
Employee access to Remote Desktop Protocol should be restricted as appropriate by firewalls. They should also set strong passwords, and be extra careful not to let their own devices become infected by ransomware, or else the rest of your business’ network will be at risk once they login to RDP.
Huge entities with significant cybersecurity budgets like Britain’s National Health Service, San Francisco’s light-rail and FedEx have been victims of ransomware. Don’t think your business is invincible. Keep an eye out, and make sure your employees are educated as well.
Your IT support provider will be able to help get your business’ cybersecurity strategy in order.