Header image overlay

Ransomware: how to prevent & what to do if it does go wrong?

The perfect business model for criminals
A lot of companies are victims of ransomware. For example, Emcor Group, Atlas College Genk and Picanol were hit hard this year. These were in the spotlight and spread out in the media, while they were not the only ones to suffer.

Ransomware comes in via an e-mail or a so-called worm. It encrypts your data and thus disrupts your company's operations. The cybercriminals ask for ransom money in exchange for lifting the encryption. Medium-sized companies appear to be the most affected. They are an interesting target for hackers, because their IT is often less secure than that of larger companies. In addition, the impact of a cyber attack on a medium-sized enterprise is usually heavy enough to make a hefty ransom payment.

But how do you arm yourself against ransomware? And what if it does go wrong? Securing 100% is not possible, but you can do it. minimize risk and make sure you groom on a possible attack.

Security awareness

80% of the attacks can be prevented by the cyber-hygiene to respect. Then we think about 2 seconds before opening an unknown link, use strong passwords, perform security updates right away and things like that. That doesn't cost any money. It is a matter of making all employees aware of the importance of this. It is an attitude that must be ingrained in the company culture. With a Security Awareness Training introduce you to this in an easily accessible way. Everyone will be informed of the dangers. Fake phishing attacks challenge employees on-the-job. This way, they get on edge and recognize a real hacking attempt much faster.

Border controls

Good antivirus software and a reliable firewall are the obvious means of keeping ransomware out. Fortinet offer great solutions in this area. If your employees sometimes need to log in remotely, it is best to use an VPN connection. All data then passes through an encrypted tunnel. This prevents hackers from sniffing through your traffic. VPN also masks your IP address. Your internet activity thus becomes anonymous. Although today there are even safer alternatives to teleworking (read our tips).

Apart from teleworking, these measures go a long way. Of course you can always go a step further. For example, with MFA (Multi Factor Authentication) introduce an extra layer of security when logging in. This protects you from a possible hack in case your passwords are stolen. With a proactive access control you go one step further. Solutions such as Exabeam allow you to monitor the activities on your network and intercept deviant behaviour.

Backup

You're gonna need those if things go wrong. Will all critical data in your company be backed up? Are these backups carried out frequently enough? Are these backups safe? A lost hard disk with a faded post-it "backup" on it is not sufficient.

Preventing Ransomware is therefore a matter of corporate culture and using the right tools. The tools are readily available and do not cost you an arm or a leg. Of course, you have to keep them up-to-date. That, in turn, is a matter of discipline, part of a corporate culture that pays attention to security. Despite everything, do you still fall victim to ransomware? Then it's best to have the necessary backups available.

Still affected...

In the event of a cyber attack Disconnect you all internet connections. Turning off computers doesn't make sense. It often leads to even more data loss. You also do your best right away declaration with the police. Pay? Of course you want to get back to work right away, but do you have any certainty that you can if you pay? Often hackers resell the encryption to other hackers or don't lift the encryption at all after paying the ransom. The hackers are very difficult to trace because the ransoms are charged in digital currency like Bitcoins. Why would they unlock your data when they can extort you undisturbed instead?

So it's best to have a reliable security partner. Not only can you provide the right tools and training. It also helps you to get back on your feet step by step when fate strikes.

"Why would hackers unlock your data when they can extort you even more undisturbed instead?"

share this post:

Since 18 October, NIS-2 is officially in force! Together with our partners, we are organising a Cybersecurity Workshop on 30/01 to share practical insights and tools that you can apply immediately to protect your organisation and become NIS-2-compliant.