Give me your money, I will give you your data - ransomware
The South African Banking Risk Information Centre has warned companies – big and small – that the threat of a cyberattack has never been this severe. South Africa has the third-highest number of cybercrime victims in the world and loses about R2.2 billion to this phenomenon. In addition, this may be a conservative estimate as many cyber-attacks go unreported.
Once-upon-a-time, when a company’s backups were on tape, hacking was almost unheard of. But now, data is stored on disk or in the cloud and is at a significantly high ransomware risk.
Thankfully we can equip our clients with the tools necessary to combat the threat of ransomware.
Minimising risk means minimising the loss of access to sensitive data; operational downtime; compliance and legal issues; brand damage and the loss of customers and financial losses due to the replacement and repair of compromised machines and devices.
Ransomware is designed to restrict your access to valuable business information. To protect your business and keep your data safe and secure, you should:
Keep your operating systems and protection software updated
Petya and WannaCry, the biggest ransomware attacks in 2017, used vulnerabilities in the Microsoft Windows operating system to access thousands of computers worldwide.
Though Microsoft fixed this vulnerability in a software update, many users failed to install the update in a timely manner, thereby exposing themselves to the virus.
Make sure all your machines and devices are regularly updated with the latest security releases and patches. That should include protection and detection software, including firewalls, anti-virus, anti-spyware and anti-malware programs.
Back up files regularly
Ransomware locks you out of your data and computer. Having a current backup could be one of your best defences. In the event of a ransomware attack, you can continue operating by restoring the backup files on another machine – thereby deterring the hackers. Store your backup data in a number of places, like on an external drive and in the cloud.
Create a culture of security
Like phishing emails, ransomware is dependent on people opening an email, clicking on a link or downloading an attachment. So, employee education and training is critical.
Create a culture of security across the organisation so everyone at all levels and in all departments are aware, informed and prepared.
When it comes to cybersecurity defence, it’s important to have a holistic approach, using technology, education and preparation to ensure data remains protected.
Ivan Weincier - IT Project & Facility Manager - KYOCERA Document Solutions South Africa
