Ransomware, a type of malware that blocks access to a computer until a sum of money is paid, is an Olympic-sized threat. In fact, you could build an Olympic stadium with the cash cybercriminals will extort in 2017. But it’s not just medals and money at stake. It’s business data, the lifeblood of any organization.
Businesses thrive on fair competition. Sometimes you win, sometimes you lose, but you live to fight another day. Not true with ransomware, where there’s no such thing as a fair fight. Ransomware not only stops your game in its tracks; it shuts it down for good unless you pay up. It’s like a swim meet where not only do you lose to the competition, but your opponent drains the pool.
In the first three months of 2016, cybercriminals collected $209 million.1 For businesses, it pays to keep up. We know hackers consistently rely on three weak spots: software, people, and passwords. Here are a few tricks from the Carbonite playbook for defeating ransomware.
Double down on defense
Antivirus software only catches half of known threats. Use antivirus, and be sure to keep it updated – along with all your applications, as criminals often target software vulnerabilities. But you should also use a backup solution on top of antivirus for the threats that will inevitably get past your firewall.
Every play is a trick play
Trick plays work best when your opponent least expects them. There’s the hidden-ball trick in baseball. And the off-the-back in-bounds pass in basketball. With ransomware, every play is a trick play. Security technology firm Wombat looked at the different tricks cybercriminals use to get people to click on malicious links.2 It found that error reports, corporate messages, and commercial notifications are most effective. So anytime you receive a notification of a full mailbox, or notice of delivery failure or shipping confirmation, check the credentials of the sender. It may be cybercriminals playing dirty tricks to steal your data.
Signal stealing is part of the game
In sports, teams steal signals all the time. In the ransomware world, stealing passwords is the best way for cybercriminals to infiltrate your system. Many in the C-suite are surprised at what poor password practices their companies use, and more than a few are guilty of not following best practices for protecting their own devices. Good password practices are critical for maintaining a defensive security profile.
Win. And don’t lose
In sports, there’s only one winner. With ransomware, you win by not losing. A few simple steps can keep you one step ahead of ransomware distributors. It starts by knowing what good defense looks like. Fightransomware.com has useful tips and best practices to help you protect your critical business data, for the win.
Norman Guadagno is Chief Evangelist at Carbonite, which provides cloud backup and restore solutions to individuals and small and midsize businesses. Carbonite protects millions of devices and their valuable data for customers around the world, who entrust Carbonite to keep their data secure, available, and useful.
- Money.cnn.com, Cyber-extortion losses skyrocket, says FBI, April 2016.
- Wombat Security Technologies, State of the Phish 2016.
Featured photo credit: Johan Viirok
[Updated 5.15.17]