The latest trend in cybercrime is the ransomware attack—hackers introduce a virus into a system which shuts down the target’s computer, then the hackers demand money to release the system. The recent WannaCry ransomware attack took down computers in Europe, America, and Asia, before being foiled by a malware specialist. Despite dire warnings from the FBI and cyberwarfare specialists that “nothing can be done” against ransomware attacks, companies can take steps to minimize damage and limit exposure to these new threats to maintain data privacy.
- Maintain malware/spyware compliance. Ransomware is typically introduced into computers as a trojan virus, by downloading infected malware or spyware. Ensuring that employees obey company requirements against downloading any external programs that could infect the corporate intranet.
- Discourage or prevent employees from transferring data from external computers via flash drives or other USB devices, especially commercial devices. Flash drives are usually not encrypted, and are easily infected with malware and spyware. If remote access is necessary, employees should be provided with company USB file sharing devices, or other encrypted systems.
- Back up all files regularly and in multiple formats. Although backups are not necessarily secure from a trojan attack, an offline backup will keep company information in a secure location that will allow a quick restore if the system is compromised.
- Encourage communication between employees and IT. One of the fastest ways to address possible data intrusion is for employees to be willing and able to admit to IT they have accidentally downloaded a game, or accessed a site they should not have. If employees fear possible disciplinary action by reporting potential breaches, the IT department will never hear of it until it is too late.
Until there is a way to prevent ransomware attacks, a smart company can minimize the damage by backing up data, and by alerting employees to the potential danger. Adherence to company policies regarding accessing social media, downloading games or apps, and other Internet policies will keep your data safe and secure as possible.
We can assist you in training your staff on protecting your organization’s data and remains compliant when doing so. Contact us now to learn more and get started.