How Businesses and Consumers Can Fight Ransomware

Once again, on June 26, thousands of people around the world woke up to another cyberattack that forced business and routine work to grind to a halt. According to cybersecurity blog Krebs on Security, the latest attack  as been dubbed "Petya" and falls into the category of ransomware, a form of computer virus that is becoming increasingly common. Readers may recall another widespread ransomware attack in March called "WannaCry," which shut down the computer systems of many organizations globally, with the U.K.'s National Health Service among the most notable.

Ransomware has become so notorious because it is not only prolific, but also profitable for the attackers. By locking down the computer systems of a business or an ordinary user, it demands victims either pay a ransom or else lose access to their files forever. These ransoms can range in the hundreds or thousands of dollars per device, and not paying them means taking on a similarly high financial toll.

So how can computer users work to help protect their systems from these ransomware attacks? In most cases, it comes down to prevention and preparation.

Keep software updated

According to Wired Magazine, one of the most straightforward tasks  that users and administrators should perform to stop ransomware is one that is often done automatically anyway: update your software. Most common operating systems, including Microsoft Windows and Apple's MacOS require regular updates to stay abreast of the latest security threats. These updates are often downloaded and installed automatically, but large scale upgrades may require some manual intervention. If systems are running on particularly old software - like Windows 7, for example - automatic security updates might not come as frequently, if at all. For the best protection, businesses and ordinary users should ensure they are running the most recent version of their computer's operating system.

Stay backed up

Another prevention task that most computer users should be doing anyway is regular data backups. Even without the threat of ransomware, there is always a chance that systems can crash or an error could occur that results in partial or total loss of data. To prevent this, all computer users should perform regular backups of their device using an external hard drive. External drives can be bought relatively cheaply, and can often fit many months of frequent backup data. For the best security, users should disconnect the drive from the computer once the backup is complete, since some ransomware is capable of infecting these devices, too.

Be on the lookout

Finally, anyone who uses email or any internet service should know to avoid behavior that often invites ransomware attacks. In general, security experts warn users to avoid opening email attachments or clicking on links that appear suspicious. Messages might masquerade as prize certificates or legitimate emails from someone you know. If it seems unexpected or unusual, don't take any action until you can verify the message, perhaps by calling the person who apparently sent it.

It's especially important for businesses to inform all employees of these preventive tactics. Leaders should create a business security plan that outlines the proper steps and precautions to take. That includes making software updates a routine task, and keeping employees informed of the latest security threats that might impact them.

If you are infected

If you or your company happens to become infected by a ransomware attack, the first thing to do is disconnect the device from the internet or from the power source, to ensure it cannot infect other computers on the same network. From there, it's best to contact law enforcement to report the crime, and perhaps talk to a specialist to see if there is any way to retrieve your data (assuming it is not backed up).

With few exceptions, experts advise ransomware victims to not pay the fine requested by the criminals. The process often involves jumping through many hoops, and there is no guarantee the attackers will stay true to their word even if you do pay up. Unfortunately, you might need to chalk it up to a frustrating learning experience.

Talk with your banker for more information. Please contact your local Vectra Bank.