Ransomware: one click can make you spend a fortune. Is your business at risk?
Ransomware is a type of malware that encrypts your files and makes them unusable in order to extort money from you and your company. There are various ways to distribute ransomware, the most common being via email attachments or malicious links downloaded from phishing sites.
Ransomware can infect any computer or device you use, not just work machines. It doesn’t matter if you work in a bank or insurance company. Everyone is vulnerable to this type of malware.
Attackers target businesses and demand the ransom to be paid quickly, and many companies bear the burden of ransomware. But these criminal activities are now threatening organizations in every industry.
Despite its reputation as a cybercrime tool, ransomware has become mainstream in the past few years and is no longer exclusive to malicious hackers looking to make a profit. With the increase of targeted attacks aimed at large corporations, it’s easy to see how it earned a spot among modern threats.
If you’re attacked, don’t pay the ransom—it only encourages more cybercrime.
If you pay a ransom, there is NO guarantee that your files will be returned to you. In addition, if you pay the ransom, the attacker can gain access to your computer again and again.
Here is what you should be doing if you are targeted:
If you’re targeted, the more quickly you get your network offline, the more you can contain the spread of the malicious software. The less time your system is connected to the internet, the less time it’s vulnerable.
Seek the advice of an IT professional. When you’re faced with cyber-crime, your first instinct may be to turn to your IT department. After all, when it comes to information technology, no one knows the scoop like an insider. And if your IT guru isn’t available, don’t panic. There are plenty of companies that offer tech support for a variety of issues, including ransomware attacks. After a breach, try to understand how the attackers got in.
If you’ve already paid a ransomware fee to get your files back, your computers might still be compromised, and you should take steps to ensure that no other parties can access your data.
If you or your business experiences ransomware or another cyber security issue, use this form to report it to CERT NZ.
Here is how you can protect your business:
-
- Be cautious about clicking on links in emails that you’ve received from unknown senders. Make sure your computer’s software is always up to date and that your employees know how to spot dodgy emails. You should always look at the URL when you’re signing into a site and check it against the page you expect, the sender of unexpected emails to see if they match and be wary of any emails that contain attachments.
- Make sure you install every available update to your devices and software as soon as it comes out. This will ensure that your systems are protected against emerging threats.
- Add two-factor authentication to your accounts. This is typically a code that’s sent to your phone or an authentication app to verify your identity. This adds an extra layer of security to your logins.
- Always keep a copy of your business data elsewhere. If your storage is compromised or if it breaks down, you’ll have an easy way to get back up and running.
- There are many different types of logs that can be used to monitor your website and systems. Contact your IT team or service provider to determine what’s right for you. Logs will let you know if any unusual or unexpected activity occurs.
- You should always have an incident response plan in place because no matter how well you prepare and how good your cybersecurity is, things can still happen. You don’t want to be left without a backup plan. Make copies of all important documentation and know who to call in case you can’t access your system.