Posted by: Heather Shy on April 29, 2016 at 2:00 pm
But there are some things you need in place first –
In this recent story, the FBI advised organizations hit by ransomware not to pay the ransom.
While they provide good reasons for this statement, it is imperative that businesses and organizations take preventative measure first.
(And by “first” we mean now if you haven’t yet.)
FBI Cyber Division Assistant Director James Trainor lists several reasons why paying the ransom is not advised:
- There’s no guarantee the hackers will provide the decryption key even if the ransom is paid.
- Paying the ransom “emboldens current cyber criminals to target more organizations.”
- Paying the ransom gives other criminals an incentive to get involved in ransomware.
- The organization paying “might inadvertently be funding other illicit activity.”
In other words, the more ransomware demands that get paid, the worse the problem will get.
Clearly, “hope for the best and pay the ransom” is not a solid security plan. So what should you have in place to prevent falling victim to ransomware scams? The FBI recommendations adhere pretty closely to our efforts for our clients:
Network updates. This includes regular operating system and software updates and patches, as well as up-to-date antivirus and anti-malware services. This is especially important as ransomware crooks branch out from sending email attacks to placing malicious code on legitimate websites. We manage these updates for our Complete IT Care clients.
Appropriate access levels. We discourage allowing administrative rights on individual workstations. Ransomware is a perfect example why.
Backups. Regular and secure backups must be in place if you get hit with ransomware. We’ve saved hours of data restoration work for several clients by making sure their backups were working properly.
These four steps are pretty basic and simple ones to take. They will help prevent ransomware attacks on your data, and help your business recover if you are hit. If you need help setting up or managing your network security, please give us a call.
For several reasons, prevention and recovery planning are far better than paying a ransom.