Ransomware attacks are becoming ever more prominent and frequent; just look at the recent revelation about Uber's data compromise or the Bad Rabbit attacks last month. So to help you in your fight against ransomware, we have put together 5 handy tips, all of which are government approved recommendations, to help protect your business against ransomware attacks.
1. Configure Accounts to reduce the impact of successful attacks
You should configure staff accounts according to the principle of “least privilege”, which essentially means giving staff the absolute minimum access they need, and only increasing it when their job requires it. If a member of staff is then the victim of an attack, the damage is minimised and isolated to their account, whereas an administrator account would give the attacker widespread access. If staff do have administrator privileges, you need to ensure they don’t browse the web or check email on that account. Why? Administrators have the power to make changes that affect other users: they can change security settings, install software and hardware, and access all files on the computer, so giving hackers uncontrolled access to such an account could have a far greater impact on your business than a standard user account would.
A useful fail-safe for this is to use two-factor authentication (2FA) on your important accounts such as email. This means that even if a hacker knows your password, they still won’t be able to access that account without the second factor.
2. Think about how you operate
Remain vigilant and think about how your business operates on a day to day basis: consider the ways in which you could be targeted, and then educate staff about the normal ways of working (particularly interactions with other businesses) so that they can spot things that are out of the ordinary, such as unexpected emails.
A common technique is sending fake invoices, for products you haven’t used, as email attachments. When the user opens the attachment, the malware is installed on the computer, often without their knowledge. Another common trick is getting staff to transfer money or information via a request in an email that looks authentic, often mimicking people within your organisation.
To avoid this, you need to ensure:
- Staff know what to do with unusual requests, and where to go to get help with them.
- You consider the source of the sender. It may look like a colleague, but if they are asking for information or money it is always worth getting them to verify their request outside of email.
- You are aware of all of the businesses and suppliers you work with. Often scammers will use the details of a large bank to get you to transfer funds, so if something appears in your inbox from an organisation you recognise but don’t deal with, it is always worth asking.
3. Check for obvious signs of phishing
Expecting staff to go through, identify and then delete every phishing email is a near impossible request and one that would be incredibly time consuming – there are far more productive uses of their time. Nevertheless, you can help promote vigilance by ensuring they keep an eye out for the following signs:
- Phishing and ransomware emails often originate overseas, where English may not be the sender’s first language. As a result the spelling, grammar and punctuation are often poor, which should help identify such emails in the first instance.
- Some hackers will also try to replicate the look and feel of large organisations through the use of their graphics and logos; however, these are still often done badly and so can be spotted if you are observant.
- Who is the email addressed to? If it is addressed to “colleague” or “valued customer”, this could be a sign that the sender doesn’t know you and that it is part of a scam. That being said, just because an email is addressed to you directly doesn’t mean it is necessarily safe either.
- A key tactic used by hackers is creating a sense of urgency, such as “act now!”, “you have 24 hours” or “you have been a victim of crime, click here immediately”. This is intended to put you under pressure so that you act without careful consideration.
- Who is it being sent from? Often they will try to mimic someone in your organisation to give you a false sense of legitimacy; if they are asking you to make a payment or for information, create a new email directly to that person and question it. Also look at the sending email address: is it really them?
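To make these signs concrete, here is an added example (not from the original article) that checks two constructed sample emails for each of the indicators above; the colleague directory, addresses and message text are all assumed.

```python
"""Flag the phishing signs listed above in constructed sample emails.
Added example, not part of the original article; the colleague directory
and both sample messages are assumed/constructed."""
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

COLLEAGUES = {"jane smith": "jane.smith@example.co.uk"}   # assumed directory
GENERIC_GREETINGS = ("dear colleague", "dear valued customer", "dear customer")
URGENCY_PHRASES = ("act now", "24 hours", "immediately", "urgent")
MONEY_OR_DATA = ("transfer", "payment", "invoice", "bank details", "password")


def phishing_signs(raw: str) -> list:
    """Return the signs from the article that a raw email message shows."""
    msg = email.message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg.get("From", "")))
    body = msg.get_body(preferencelist=("plain",))
    text = (body.get_content() if body else "").lower().lstrip()
    signs = []
    if any(text.startswith(g) for g in GENERIC_GREETINGS):
        signs.append("generic greeting")                  # "they don't know you"
    if any(p in text for p in URGENCY_PHRASES):
        signs.append("sense of urgency")
    if any(w in text for w in MONEY_OR_DATA):
        signs.append("asks for money or information")     # verify out of band
    known = COLLEAGUES.get(name.strip().lower())
    if known and addr.lower() != known:                   # "is it really them?"
        signs.append("colleague's name but not their address")
    for part in msg.iter_attachments():                   # tip 2's invoice trick
        if "invoice" in (part.get_filename() or "").lower():
            signs.append("invoice attachment")
    return signs


def build(from_hdr, subject, body, attachment=None):
    """Construct a sample message (constructed data, not a real email)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = from_hdr, "tom@example.co.uk", subject
    m.set_content(body)
    if attachment:
        m.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                         subtype="pdf", filename=attachment)
    return m.as_string()


PHISH = build('"Jane Smith" <jane.smith@example-pay.com>', "Overdue invoice",
              "Dear valued customer,\nAct now: transfer the attached invoice "
              "within 24 hours.\nJane", attachment="invoice.pdf")
LEGIT = build('"Jane Smith" <jane.smith@example.co.uk>', "Slides",
              "Hi Tom,\nThe slides from this morning are on the shared drive.\nJane")
```

Running `phishing_signs(PHISH)` reports all five signs, while the genuine message from the real colleague address reports none.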
4. Report all attacks
If you think your business has been the victim of online fraud or a scam, you should report this to Action Fraud (https://www.actionfraud.police.uk/report_fraud), the UK’s national fraud and cybercrime reporting centre. Making the authorities aware can help prevent others falling victim to the same hackers.
It is important that you encourage staff to ask for help if they think they have been a victim of phishing, and not punish them if they get caught out. If staff fear punishment, they may try to cover up the attack or ignore it, which could have far more detrimental effects on your business. If you do get a report about ransomware, it is vital that it is investigated immediately, malware scans are run and passwords changed to avoid the attack becoming widespread.
5. Keep up to date with attackers
Hackers are becoming increasingly smart when it comes to ransomware attacks, which is partly why such attacks are becoming more prevalent. They are trying new techniques, becoming better at falsifying information and better at getting past spam filters, so it is important to keep on top of developments and stay one step ahead.
You could consider signing up to the Action Fraud Alert Service (https://www.actionfraud.police.uk/signup) which is a free service that allows you to receive direct, verified, accurate information about scams and fraud in your area by email, recorded voice and text message.
You should also consider joining CiSP (https://www.ncsc.gov.uk/cisp), which provides a forum for cyber security discussion for everyone from beginners through to seasoned experts. It is also a platform where organisations can share intelligence gathered from their own computer networks, so that together we can prevent attacks by opening a dialogue.
Where we fit in...
Remember, protecting against ransomware needs to be a continuous process. As time goes on, hackers are becoming more intelligent in how they gain access to your details, so you need to make sure you stay one step ahead to protect against them.
For a limited time, we are offering you the chance to get a FREE security audit of your business in order to better understand how your security stacks up, where the holes and risks are and what you need to do to protect your business. Just hit the link below to find out more!