What is Ransomware? Defend against ransomware.

Ransomware is a kind of software which holds system/systems hostage for money (usually cryptocurrency like bitcoin). Once the ransom is paid, victim is provided with a “key” to unlock the affected systems.

Ransomware holds the system by encrypting victim’s files. This can cause significant dent on business’s operation as the encrypted files are often critical. In some cases, even after paying the ransom, the attacker may not provide key, causing monetary loss as well along with data loss.

It is advised that organization should not pay ransom to attackers as the attacker still has access to network and they can strike again. Also, the paid ransom will help the attackers to fund further cyber-crime or spread the ransomware in other organizations.

Emails saying the recipient has won a Starbucks gift card with a link to “accept the gift” that actually downloads a malware into the system is one such example of how ransomware enters into an organization network through emails.

Defend against Ransomware

The greatest defense technique against ransomware is user education. Every organization should train users so that they are able to spot and report suspicious phishing emails.

Along with user education, following strategies can be followed to defend against Ransomware

1. Regular backups: Regularly backing up critical data to an off-site location can help restore files in the event of a ransomware attack.
2. Software updates: Keeping software and operating systems up-to-date can help close security vulnerabilities that could be exploited by attackers.
3. Email and web filtering: Filtering emails and web traffic for suspicious content can help prevent the spread of malware.
4. User education: Educating users on safe computing practices, such as avoiding clicking on unknown links or downloading attachments from untrusted sources, can reduce the risk of falling victim to a ransomware attack.
5. Network segmentation: Segregating sensitive systems and data from less critical systems can limit the spread of malware within an organization.
6. Endpoint protection: Installing and maintaining endpoint protection software, such as antivirus and anti-malware programs, can help prevent and detect ransomware infections.
7. Incident response planning: Having a well-documented and rehearsed incident response plan in place can help an organization respond quickly and effectively to a ransomware attack.