Steps to avoiding data threats
Bethany Cornell, digital PR executive at Found
Protecting valuable applications and data from the threat of a cyber-attack is one of the most important concerns facing businesses today. The FBI suggests a 300% rise in ransomware attacks since 2015, with 2016 averaging 4,000 attacks per day. This form of cyber breach is especially dangerous - a form of malware that infects the network through phishing emails or social engineering techniques and uses administrative privileges to lock system files and sensitive data behind a paywall, demanding a ‘ransom’ payment for access to be restored.
Even after payment, this request is not always granted and the disruption caused to business services as a result is vast. In May 2017, the WannaCry ransomware attack infiltrated an estimated 300,000 computers across 150 countries, affecting NHS systems, forcing the closure of Fed-Ex Memphis headquarters and infecting networks at Nissan, Deutsche Bahn and Telefonica to name just a few. This attack highlights the extent of the threat posed by data theft and reinforces the need for action. Unfortunately, there is no single solution to protect against a ransomware attack. But, according to Sungard Availability Services’ latest whitepaper, by approaching the issue with multiple layers of defence using the three steps laid out below, businesses can increase their security and ensure they are equipped to protect their most valuable assets if and when a threat occurs.
Step 1: Prepare
A business’ strongest line of defence against ransomware is preparation. By acknowledging the threat and taking steps to tackle it, many vulnerabilities within your IT infrastructure will be reduced, strengthening your network security. Preparation requires a two-pronged approach to be successful, with one part concerning the preparation of your staff and the other, preparing your tech. Staff education will give your team the knowledge and skills they need to recognise suspicious behaviour online and alert your network administrator, reducing the chance of ransomware being spread through malicious links in phishing emails. It will also train staff on best practice when it comes to using unsecure networks or devices outside the office. Preparing your tech can feel like a more daunting process. Basic steps such as installing necessary anti-malware software can be carried out easily but finding the resources and budget to ensure all updates and patches are installed and more importantly, obsolete operating systems are replaced can be difficult. Conducting a Business Impact Analysis can help you establish your key assets and their value, allowing you to prioritise upgrades accordingly. It may be worth migrating your most critical applications onto the newest hardware first, or using a managed storage solution for your most valuable assets, so you can rest assured that updates and patches will be applied and that unusual activity will be flagged sooner rather than later.
Step 2: Detect
Unfortunately, all the preparation in the world won’t always protect you from a ransomware threat, so if something does slip through the net, early detection can prevent the damage spreading. Because most attacks are carried out at an administrative level, it's not always easy to tell the difference between legitimate and malicious behaviour, but recently activity monitoring solutions have become smarter and problems are easier to spot. A file integrity monitoring service will flag up unusual behaviour that is out of character for an administrator and alert IT to these changes where they can check for legitimacy whereas a SIEM solution monitors security events in real time.
Step 3: Mitigate
If your business does become a victim of a ransomware attack, how you handle the disaster can be the difference between sink or swim. Recovery planning is vital to resuming your regular business services and can be key to recovering copies of lost data and applications that have been held hostage without you having to pay. Ensuring your staff are fully trained in your Disaster Recovery Plan and knowing how to implement backup solutions is also an important part of being prepared. Regular testing will help your staff know what to expect and highlight any weaknesses in your recovery strategy so that you can strengthen your defences and mitigate the damaging effects of a cyber-attack.
Using these three steps can help your business avoid the threat of ransomware from all angles. Having a security plan in place that incorporates these actions can be the key to protecting your business against cyber-attacks, by understanding that preparation, detection and mitigation must work together to provide strong protection for your company.
Picture courtesy of Pixabay