Ransomware has been a steadily present cyber-threat since what feels like the beginning of time. Experts warn that the risk posed to businesses by ransomware won’t be slowing down anytime soon.
Over recent months, a new breed of ransomware has been unleashed by Russian-based organised crime group Grim Spider. So far, it’s targeted several huge corporations including the UK’s biggest provider of forensic services, Eurofins Scientific.
These large companies have paid the ransom to retrieve their valuable data. But what if you can’t afford to? What happens when this threat targets your business?
As with most cyber-threats, prevention is better than cure. Check out these seven techniques for keeping your data safe from ransomware.
We can’t stress this enough; back up your data!
The only way to even have a chance of avoiding paying the ransom is if you know your data is actually safe elsewhere. We recommend backing up your data and then storing this backup in a safe place totally separate to the rest of your systems, preferably off site. This means that there is minimal chance of your backups also being infected. So, when the attacker requests a ransom for your data, you can ignore the ransom and re-build your systems using your backup up information.
Cybercriminals are continuously looking for new ways to infiltrate your business. Any vulnerability in your software is an easy way in for attackers – so don’t leave the door wide open! Keep up to date with the latest vulnerabilities announced from software vendors and update ALL your software each time a weakness is identified. Then you can be sure your software is always up to date and give hackers less chance to exploit your systems.
Most URLs today are HTTPS. But if any pages on your site are still HTTP then it’s time to change that, for the sake of your security and Google ranking.
As the name suggests, Hypertext Transfer Protocol Secure (HTTPS) is a secure communications protocol and gives an added layer of security between your website and web server. HTTPS helps data exchanged on your website remain safe and secure.
Email is the most common channel used by businesses and cyber-attackers alike. It’s the gateway for phishing attacks, which can include links to ransomware, crypto-jacking and a number of other cyber-threats designed to damage your business. So, training your employees to be cyber-aware is in your company’s best interest.
Don’t you just hate those pesky error messages? Well, error messages that appear on your site (which are usually down to system maintenance or upgrades to your server) can include highly sensitive information. Cybercriminals can use this information to infiltrate your infrastructure.
Ensure that you disable these public-facing error messages by accessing them in the backend or by creating a php.ini file and uploading this to File Manager.
Choosing a hosting provider that makes your security a top priority is essential. Ensure that your provider is ISO certified and PCI compliant so they can provide high levels of security for your infrastructure. Being PCI compliant also means that if you take payments on your site, then this process is safe and secure from hackers looking for loopholes to exploit.
Keep your computers and network secure by investing in a comprehensive security solution package. And we don’t just mean install the latest anti-virus or anti-malware products. Choose a security suite which includes essential services such as penetration testing and security auditing. This will help you to identify weaknesses that hackers might exploit, address any viruses or malware that are already present and make sure that all your hardware and software is secure.
Be PROsecure. Our comprehensive security bundle provides real-time monitoring, proactive response, protection from layer 7 attacks, DDoS flood attack protection and so much more!