Blog

Ransomware and Malware Prevention Best Practices

Categories

Security & Disaster Recovery

Table of Contents

By Mark Chinsky
ransomware laptop user reading prevention best practices

There has never been a more important time to think about business continuity. In 2020, there was an 800% increase in ransomware attacks reported in the U.S. alone. Ransomware is a type of malware designed to infect a computer or network and either lock or encrypt files until a ransom is paid. By capitalizing on the uncertainty of the COVID-19 pandemic, global ransomware damage costs are predicted to reach $20 billion this year (Datto, Global State of the Channel Ransomware Report).    

At Clients First, the security of our customers is our top priority. As ransomware threats continue to grow and evolve, so does the demand for better malware prevention practices and a multilayered approach to business continuity. To help you protect and prepare your business against any lurking threats, you need to know how most attacks happen and what preventative measures to have in place to minimize the damage. That’s exactly what we have included in this blog post.  

Take a look at Datto’s State of Ransomware Report to see how this growing cybersecurity threat affects your business:  

4 Ways That Businesses Can Get Exposed to Ransomware  

When you work on a computer every day, there is always a risk that the wrong email can be opened or a malicious link clicked. As a result, ransomware attacks can happen to a business anytime, anywhere, and to anyone. While many types of ransomware strains that exist and they continue to get more sophisticated over the years, cybercriminals generally use the same tactics to hold your data or device hostage. Here are the 4 most common ways that you or your employees can get infected by a ransomware virus:  

  1. Opening a Malicious Email Attachment  
    The most common way that ransomware gets installed on a user’s machine is through phishing emails. A phishing email is a fraudulent attempt to gain sensitive information or data by mimicking a trustworthy source, like a government service or familiar name. If one of your employees receives a phishing email with a disguised email attachment or file download and opens it, it can lead to a ransomware infection that spreads like wildfire through their computer and your network if the right protections are not in place.   
  1. Downloading Free Software  
    It’s not unusual to download free games, screensavers, or free versions of expensive software. Unfortunately, if a user accidentally downloads malicious software, cybercriminals can bypass almost any firewall or email filter and exploit any unpatched vulnerability that exists on the computer. Once they have access, they can infiltrate your computer and/or network and hold it for ransom.  
  1. Visiting a Compromised Website  
    Also known as a “drive-by download,” this attack can occur when a user lands on a compromised website with an older browser or unpatched third-party application. The website automatically runs an exploit kit to check for known vulnerabilities on your computer and, if found, can be used to execute malicious code and a ransomware attack.   
  1. Access Via Remote Desktop Protocol (RDP) Session  
    Most businesses use RDP sessions to allow remote users access to their Windows machines. Whether you need to access your ERP system from home or your IT team needs to remotely access your computer, RDP provides the ability to connect, access, and control data and resources on a remote host. If one of your employees has an unpatched vulnerability, uses weak passwords, or did not enable account lockout protections, then your entire network is exposed and could be at risk of a malware attack.  

Top 6 Ransomware Prevention Best Practices  

Even though we hear about ransomware attacks on the news regularly, the average business we work with does not have enough preventative measures in place to fully protect their business. Some of them don’t even know what a business continuity and disaster recovery (BCDR) plan is. The reality is, the best defense is a great offense. With the right combination of threat detection, security training, and disaster recovery software in place, you can be prepared for anything. Here are our top 6 ransomware and malware prevention best practices to include in your business continuity planning as soon as possible:  

  1. Educate your entire staff with cybersecurity training and best practices to reduce the risk of errors   
  2. Implement antivirus software and anti-malware software to keep your PC as secure as possible 
  3. Create your first line of defense with an email security gateway solution to detect and protect against spam and phishing emails  
  4. Invest in endpoint detection and response (EDR) software to monitor, identify, and contain any threats on hosts and endpoints  
  5. Keep your business applications and software up to date with patch management 
  6. Protect your business from data loss and downtime with enterprise cloud backup and recovery services 

Before you get started, this is a great time to consult with your trusted technology partner. They might have specific recommendations for your infrastructure. After working with several of our own customers, we discovered the need for an affordable all-in-one cloud platform that was easy to use. To help keep their business data and applications safe, we developed EverSafe, the only solution on the market that offers backup, disaster recovery, instant on-site virtualization, instant off-site virtualization, screenshot verification of backups, and intelligent business continuity all from one simple user interface. If you’re interested in what Clients First has to offer, learn more about our enterprise cloud backup and recovery services here.   

How to Respond to a Ransomware Attack  

When your full-time job is to infiltrate an organization and hold their data hostage, sometimes they find a way—no matter how much security training or ransomware prevention best practices you have in place. A huge part of your BCDR strategy is to actually be prepared for an attack and to have the best processes in place to restore your data and reduce downtime.  

If a computer or device connected to your business gets infected by a ransomware virus, the first two things you do is report it to the FBI’s Internet Crime Complaint Center (IC3) and completely ignore the ransom demand. Yes, that’s right. The United States Government’s response to the increase in ransomware crimes was to enforce an advisory against engaging in communication or exchange with ransomware attack perpetrators. If you do pay, you risk not getting your data returned and facing fines or even prison time for violating U.S. law. Read more about the advisory below.  

The only way to get your stolen data back is to notify your IT team and restore your on-site and off-site data backups. It’s important to remember that the most damage caused by a ransomware attack is not the ransom demand but the potential business downtime that can result. According to Datto’s latest Global State of the Channel Ransomware Report, the average cost of downtime for a ransomware attack in the United States last year was $274,200.  

Start Planning Your BCDR Strategy Today  

To protect your critical business applications and data against ransomware and other types of malware, you need a combination of prevention software, backup and disaster recovery software, security training, and a business continuity strategy in place. We understand that there is a lot to learn on the subject, and to help you get up to speed, we highly recommend signing up and attending our Ransomware Roundtable.  

In the webinar, we will be covering everything from the various tactics that hackers are using and industries they are targeting to specific ransomware prevention and recovery methods. Due to the shift to remote work and the rate at which new strains of ransomware are emerging, there has never been a better time to assess your security risk and prepare for potential threats.  

Mark Chinsky

Mark Chinsky

Partner, Clients First Business Solutions New Jersey

Mark Chinsky is a highly skilled and highly passionate ERP consultant and partner at Clients First. With over 30 years’ experience working with a wide range of ERP solutions, he’s on a mission to help businesses understand the software selection process and how ERP software can benefit them. If you’re looking for trustworthy and transparent content on software implementation, technology deployment strategy, and business process improvement for distribution, manufacturing, and professional services businesses, Mark is your guy.