Touchstone FMS Business Unit Head
Ransomware attacks are on the rise, and we've seen in our previous post how they happen and the devastating impact they can have on a business. There are several steps an organisation can - and should - take to prepare itself.
There is a wealth of information on how you can protect your systems and business from such attacks. One excellent source is the National Cyber Security Centre, where you will find a paper entitled Mitigating Malware and Ransomware Attacks. It is an easy, non-technical read that suggests several actions you can take to protect your systems and business; below is a summary.
The most obvious and the least costly step is to ensure you take regular backup copies of your data. You no longer have to use physical media. Copies can be taken and stored in a location that is not on your corporate network, for example in the Cloud or using a specialist service where there is a clear separation between your corporate systems and the backup provider.
Ransomware is becoming increasingly sophisticated and can even target locations where backup copies are stored. Make regular checks that backups are readable and can be restored. Take image copies of application servers on which programs are running, as these will also be required in the event that an attack occurs and a system rebuild becomes necessary.
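One way to automate the "backups are readable" check described above, as an added example that is not from the original post or the NCSC paper. It assumes a manifest of SHA-256 hashes is recorded when the backup is taken and kept apart from the archive; the function names, file names and sample data are constructed for illustration.

```python
import hashlib, tarfile, tempfile, zlib
from pathlib import Path

def make_backup(src_dir, archive):
    """Write src_dir to a tar.gz and return a manifest {relative path: sha256}."""
    manifest = {}
    with tarfile.open(archive, "w:gz") as tar:
        for p in sorted(Path(src_dir).rglob("*")):
            if p.is_file():
                rel = p.relative_to(src_dir).as_posix()
                manifest[rel] = hashlib.sha256(p.read_bytes()).hexdigest()
                tar.add(p, arcname=rel)
    return manifest

def check_backup(archive, manifest):
    """Read every file back out of the archive and compare it with the manifest.
    Returns a list of problems; an empty list means readable and complete."""
    seen = {}
    try:
        with tarfile.open(archive, "r:gz") as tar:
            for member in tar:
                if member.isfile():
                    h = hashlib.sha256()
                    with tar.extractfile(member) as f:
                        for chunk in iter(lambda: f.read(65536), b""):
                            h.update(chunk)
                    seen[member.name] = h.hexdigest()
    except (tarfile.TarError, OSError, EOFError, zlib.error) as exc:
        return [f"archive unreadable: {exc}"]
    problems = [f"missing: {n}" for n in manifest if n not in seen]
    problems += [f"changed: {n}" for n in manifest if n in seen and seen[n] != manifest[n]]
    return sorted(problems)

def demo():
    """Constructed sample data: a healthy backup, a tampered one, an overwritten one."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp, "data"); src.mkdir()
        (src / "ledger.csv").write_text("id,amount\n1,100\n")
        (src / "config.ini").write_text("[app]\nmode=live\n")
        good = Path(tmp, "good.tar.gz")
        manifest = make_backup(src, good)
        # Tampered copy: one file altered, one deleted, then archived again.
        (src / "ledger.csv").write_text("id,amount\n1,999\n")
        (src / "config.ini").unlink()
        bad = Path(tmp, "bad.tar.gz"); make_backup(src, bad)
        # Overwritten copy: stands in for a backup file that has been encrypted.
        junk = Path(tmp, "junk.tar.gz"); junk.write_bytes(b"\x00not a backup" * 50)
        return [check_backup(a, manifest) for a in (good, bad, junk)]

if __name__ == "__main__":
    for result in demo():
        print(result or "OK")
```

A check like this proves the archive can be read end to end; it complements, rather than replaces, a periodic full restore onto a rebuilt server.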
As mentioned in our previous post Ransomware attacks - It won't happen to me, will it?, malware usually finds its way into your organisation through Trojans and/or by exploiting vulnerabilities. You can reduce the likelihood of malicious content reaching your devices through a combination of:
These are typically done by network services rather than users' devices. Your IT department will likely be on top of this already, but as users of application software you should check with them regularly to ensure it is patched up to the latest patch set.
Up until relatively recently, the best way to defend against malware was to try to keep it out of your network by isolating your systems from the outside world, a “castle and moat” approach.
However, given the need for users to access systems remotely, especially over the past two years, systems are now very much more “accessible” and so the defence strategy has to change to one of “defence in depth”. This assumes that malware will find its way onto your systems and devices, and the focus should be on how to stop it from propagating. The paper from the National Cyber Security Centre referenced above goes into detail on the sorts of measures that can be taken.
Malware attacks, in particular ransomware attacks, can be devastating for organisations because computer systems are no longer available to use, and in some cases, data may never be recovered. If recovery is possible, it can take several weeks, but your corporate reputation and brand reputation could take a lot longer to recover.
The following are some headline suggestions.