By now, you’ve heard a horror story or two about ransomware. The city of Baltimore’s tale stands out. After cyber-criminals attacked the city’s servers and applications, they demanded $76,000 to decrypt the affected files. City officials refused to pay, and the attack wound up costing the city over $18 million in direct costs and lost or delayed revenue. This is but one example of a ransomware trend that is on the rise. Other recent examples include Pensacola, which was hit in December 2019, and the large tech company Pitney Bowes, which suffered an attack in October.
Here are a few things individuals and companies can do to protect their data and networks:
- Back up computers. It is important to perform frequent backups of systems and files, and verify that the backups were done properly. In the event of a ransomware, the system can be restored to its previous state.
- Store backups separately. Backups should be stored on a separate device that cannot be accessed from a network, such as an external hard drive.
- Train your organization. Personnel should receive regular cybersecurity awareness training on, among other things, current cybersecurity threats and threat actor techniques. Simulated testing is also a good idea.
And here are a few ways to prevent ransomware infections:
- Inform yourself. Stay up to date on recent cybersecurity threats and ransomware techniques.
- Update and patch your computer. Make sure your applications and operating systems have been updated with the latest patches.
- Use caution with links and when entering website addresses. Pay attention to the website addresses you click on, as well as those you enter yourself. Malicious website addresses often appear almost identical to legitimate sites, often using a slight variation in spelling or a different domain (e.g., .com instead of .net).
- Open email attachments with caution. Don’t open unexpected attachments or those from unknown senders.
- Keep your personal information safe. Check a website’s security to ensure the information you submit is encrypted before you provide it.
- Verify email senders. Make sure you recognize the sender of emails you open. Do not click on links in emails from individuals you don’t recognize.
- Use and maintain preventative software programs. Install antivirus software, firewalls, and email filters—and keep them updated—to reduce malicious network traffic.