YEP, SOMEONE CLICKED ON A MALICIOUS E-MAIL
It looks legitimate, but with one click on a link, or one download of an attachment, everyone is locked out of your network. That link downloaded software that holds your data hostage. That’s a ransomware attack.
The attackers ask for money or cryptocurrency, but even if you pay, you don’t know if the cybercriminals will keep your data or destroy your files. Meanwhile, the information you need to run your business and sensitive details about your customers, employees, and company are now in criminal hands. Ransomware can take a serious toll on your business.
HOW ARE SOME OF THE WAYS
Criminals can start a ransomware attack in a variety of ways, below are several.
- Scam emails – With links and attachments that put your data and network at risk. These phishing emails make up most ransomware attacks.
- Infected websites – That automatically download malicious software onto your computer.
- Server Vulnerabilities – Which can be exploited by bad actors.
- Online ads – That contain malicious code, even on websites you know and trust.
WHAT ARE SOME OF THE THINGS TO PROTECT YOUR BUSINESS
- Have a plan – How would your business stay up and running after a ransomware attack? Put this plan in writing and share it with everyone who needs to know.
- Back up your data – Regularly save important files to a drive or server that’s not connected to your network. Make data backup part of your routine business operations.
- Keep your security up to date – Always install the latest patches and updates. Look for additional means of protection, like email authentication, and intrusion prevention software, and set them to update automatically on your computer. On mobile devices, you may have to do it manually.
- Alert your staff – Teach them how to avoid phishing scams and show them some of the common ways computers and devices become infected. Include tips for spotting and protecting against ransomware in your regular orientation and training.
WHAT ARE SOME TASKS TO DO IF YOU’RE ATTACKED
- Limit the damage – Immediately disconnect the infected computers or devices from your network. If your data has been stolen, take steps to protect your company and notify those who might be affected.
- Contact the authorities – Report the attack right away to your local FBI office.
- Keep your business running – Now’s the time to implement that plan. Having data backed up will help.
- Notify customers – If your data or personal information was compromised, make sure you notify the affected parties ― they could be at risk of identity theft.
- Should I pay the ransom? – Law enforcement doesn’t recommend that, but it’s up to you to determine whether the risks and costs of paying are worth the possibility of getting your files back. However, paying the ransom may not guarantee you get your data back.
The Goliath Cyber Advisory team stands ready to assist you and your team with building a strong Cyber resilient plan and ensuring you have the proper Breach Response coverage.