Ransomware is becoming a much more common threat that businesses need to defend against. The risk isn’t just that an employee will click on an email infected with malware. Some newer ransomware threats directly target vulnerable web servers.

The easiest solution to a ransomware attack, paying the ransom, is ill advised. You may not get your data back even after payment, and you remain vulnerable to additional attacks and higher ransoms. Instead, take steps to defend against ransomware and implement a strategy that will enable you to recover from an attack—and do this before your systems are compromised.

1. Create and protect backups. Recovering your data requires having a clean copy of your data, so having a robust and effective backup strategy is important. If you create intra-day snapshots in addition to full end-of-day backups, your data losses can be minimized. Since some ransomware searches for external backup drives and attempts to encrypt them also, keep backup drives offline or backup to the cloud to protect these vital copies.
2. Take steps to block malware from your business. Use a solid antivirus solution to block known malware. Use ad blockers to keep malicious advertising out of your browser. You can also configure your mail service to block emails with executable files. Make sure you apply operating system patches and update your antivirus solution regularly to ensure you’re protected against the latest known vulnerabilities. You can use whitelists to prevent any unauthorized applications from running.
3. Protect your network. Use network segmentation to isolate and protect critical systems. Internal firewalls can prevent malware from moving between servers and protect vital systems from attack. Make sure your security software comes from a known source to avoid installing compromised software. Keep multiple copies of critical data on redundant servers and segments.
4. Train users. The best technical defenses can be unintentionally thwarted by users who respond to phishing messages, share passwords, and click on dangerous links. Make sure your users know how to recognized phishing emails. Supplement training with unannounced tests that simulate an attack.
5. Have a recovery plan. If all your defensive measures fail and you get infected by ransomware, you shouldn’t need to figure out how to recover on the fly. Spend some time now to document your recovery plan. This can include steps like turning off WiFi, Bluetooth, and network connections on infected servers; retrieving the latest backup; restoring corrupted files; and restarting applications that depend on that data. Ransomware is just one of the many scenarios you need a disaster recovery plan for.

Prescient Solutions has 20 years providing IT consulting and managed services to businesses and organization in Chicago and Schaumburg. Our team’s in-depth expertise, backed by industry-standard certifications, enables us to develop comprehensive cybersecurity solutions. Contact us to learn more about blocking ransomware and other information security threats.