Universities in England have been hit harder than ever before by harmful ransomware in the past twelve months, according to a recent cybersecurity report. In the most prolific example, Bournemouth University fell victim to malicious software on twenty-one separate occasions during that period.
The figures obtained by SentinelOne prove yet again that ransomware is a threat that doesn’t just hit consumers on their home computers – it continues to be a significant threat in businesses and organisations.
Encouragingly, none of the Universities contacted by SentinelOne paid a ransom, but the largest sum demanded was £2,200, which demonstrates just how damaging ransomware could become if enough businesses are fooled.
What Is Ransomware?
Ransomware is a form of computer virus which encrypts files and then demands a ransom from the user for their release. It is one of the cruelest forms of malware, as it prays on the importance of people’s digital lives. Imagine suddenly losing access to treasured photos, music albums and vitally important documents – many people would indeed pay to have them returned safely.
In business, such files can contain crucial intellectual property, customer data and promotional material. In short, ransomware can effectively bring a business to its knees by simply removing access to its data.
How is Ransomware Contracted?
Ransomware is usually contained within email attachments or files that have been downloaded from compromised websites. Just like other viruses, it is silently installed and cleverly hidden amongst the install set of regular software packages.
When ransomware makes its appearance, it usually does so via a pop-up that is instigated when logging into the computer or attempting to access encrypted files. The ransom itself is usually payable in bitcoins and, in some cases, increases as time passes.
How is Ransomware Removed?
While some antivirus programs are able to remove ransomware, certain types of encryption simply cannot be reversed.
Unfortunately, this means the only way to recover files that have been compromised is to restore them from a backup after formatting the infected computer and reinstalling its operating system.
How Can Ransomware Be Prevented?
Viruses are being distributed in increasingly clever ways, but businesses can protect their data from ransomware.
Here are the measures your organisation should be taking to avoid this increasingly common form of cybercrime:
1. Install Antivirus And Keep It Updated
If you’re running a business, you’ll most likely be using Windows or Mac-based computers of some kind. If so, the operating system should be updated whenever a patch becomes available and a conscious effort made to install industry-standard antivirus software that is kept up-to-date.
2. Use Email Spam Filters
Most email clients will offer some form of spam filtering right out of the box. They’re also becoming increasingly smart when it comes to recognising malicious emails and will automatically pop anything harmful into a spam folder, thus removing from view emails that potentially contain ransomware attachments or links.
3. Never Open Suspicious Attachments
Despite the modern email client’s ability to automatically detect spam, it isn’t infallible. Malicious email is equally as clever these days, and ransomware messages will occasionally slip through the net. That’s why it is imperative no one within your organisation opens suspicious attachments. Anything that has the file extension ‘.exe’ or ‘.js’ should be swiftly binned.
4. Backup Religiously
As noted, most ransomware attacks force a reinstallation and recovery of files from backup, but if you don’t have the latter, you’re in serious trouble. Backup daily and do so to more than one location (both on- and off-site).
5. Show Hidden File Extensions
Ransomware tends to hide itself away in files containing unusual extensions. A file extension usually appears as three or four letters after the filename, for example ‘brochure.pdf’. If your operating system is hiding file extensions, set it to show them so you can spot anything that looks suspicious (‘.pdf.exe’ being a common extension used by ransomware).
6. Keep Your Business Software Up-To-Date
Operating systems and antivirus software aren’t the only things that need to be kept up-to-date – any business software you rely on should also be patched whenever necessary. Vendors will usually notify you when an update is available, and many apps will have a ‘check for updates’ option within their menus.
If any application your business uses suffers from infrequent or non-existent updates, you may need to look for a replacement.
7. Implement A BYOD Policy
If people are bringing their own laptops and tablets into the business and attaching them to the network, you’ll need to implement a BYOD (bring your own device) policy which either prevents them from doing so or, if you decide to allow them, forces staff to abide by strict rules about the presence of anti-virus and approved applications.
8. Educate Employees
An effective ransomware defence is only as good as those behind it, so ensure your employees know how to remain vigilant and tailor their workstation use to avoid falling foul of malicious software.
Conclusion
The effect of ransomware and the inevitable headache brought on by its removal can be incredibly debilitating for businesses. However, follow the tips in this post, and you’ll be far less likely to fall victim to the perils of this form of malware.