Looking at your screen to find a ransom note is a scary situation. Ransomware attacks generally occur when someone opens a file or downloads something from an email containing the malware.
Much of the time, the ransomware will lock your screen and not allow access to any files without you paying a “ransom” or some monetary amount or trade.
In this article, we’re covering everything you need to do before and after to prevent a ransomware disaster.
Small Business Ransomware Protection Strategy
First, let’s talk about the steps you need to take to prevent ransomware from getting onto your network.
Know who and what is connected to your network
If you already have some form of virus protection software, these can tell you who is accessing your network and from where. Use this software to your advantage and be proactive with the situation.
If anything doesn’t look right, you might currently be under attack, but you still have time to protect yourself by activating the virus software and making all members of staff aware of the situation.
Encrypt all communication and data
Encryption is not an option in 2020 and beyond. Accounting and law firms deal with all sorts of sensitive information, including personally identifiable data, financial statements, medical records, and more. It’s your responsibility to keep this information safe.
Sending a traditional email back and forth containing sensitive information is a sure-fire way to find yourself in hot water when ransomware takes over your network.
Zebu helps by providing an encrypted messenger platform that ensures no one anywhere on the planet will be able to crack the code.
Train staff to identify possible ransomware
Most ransomware accesses your network because staff members don’t know how to identify it. Keep your eyes on the following:
● Emails from unidentified people
● Emails with slight variations in handle (ex. Johnsmith@Smithlaw.com vs. Johnsmitth@Smithlaw.com) When you’re busy, it’s easy to miss these small details
● Unsolicited attachments (staff should never open anything they weren’t expecting)
Always update systems and apply software patches
Anytime your antivirus or business software demands an update, make sure you follow through as soon as possible. When you have outdated software, it makes it easier for malicious attacks to occur. According to Tripwire, one in three organizations experience data breaches as a result of unpatched software.
Segregate sensitive from non-sensitive data
The best way to have a backup plan during an attack is to know how to extract essential data before it gets compromised. One of the best ways to make this process easier is by keeping important data separate.
You should not have all the information in the same place, and you also need methods of keeping the data secure. Everyone in your office should not have access to everything. They should only have access to the information they need to complete their job tasks.
Now that you understand the precautionary methods to take, what happens if you’re currently experiencing a ransomware attack? Here are the steps you should take to reduce the impact on your reputation.
Identify the ransomware
Lack of education is what causes most cyber attacks. Much of the time, what one thinks is ransomware, isn’t at all.
Encrypting ransomware turns everything on your computer into an unidentifiable code that only the hackers can see.
Screen-locking ransomware is the most common, and this one locks your screen with a ransom note demanding some form of compensation in exchange for your information.
It’s important to know that if you can still access files and data on your computer, but you still have a ransom note, you don’t have ransomware. It’s a scare tactic trying to get you to pay.
Disconnect the machine from the network
If you think you do have ransomware, you should disconnect your machine and go offline from the network. This will help prevent the virus from spreading.
Take a photo of the ransom note
Take a photo of the note because you’ll have to file a police report for insurance purposes. Do not forget this step in the heat of the moment.
Should you pay the ransom?
Most experts advise against paying the ransom because there is no guarantee you’ll get your information back anyway. They might add another ransom on top of it, and there’s nothing you can do.
Implement antivirus software immediately
If you’re not paying the ransom, you’ll want to run your antivirus to eliminate the ransomware. This may end up deleting the encrypted files, but it’s a double-edged sword that will help prevent them from accessing anything else. (this is why it’s so essential to segregate data)
If you are concerned about protecting your client's sensitive information, you’ll want to use Zebu to communicate with your staff. Email doesn’t offer enough measures to keep data secure and protected.
Zebu offers a military-grade encrypted messenger so you can send personal information without having to worry about it getting stolen. There is also a secure cloud-based file storage built-in to allow you to share files and restrict access.
It’s your responsibility to protect your client's information, let Zebu help. Click here to learn more.