[2 mins read]
Cybersecurity- One of the top grossing topic among businesses worldwide. Technology is a double-edged sword, and cyber attacks have become more common due to the ever-growing technologies.
As reported, the cyber attacks on businesses increased significantly year over year. Technology has became a necessity for most businesses in their work processes, so should cybersecurity. Despite our tight security, a recent study found that Singapore’s organizations are one of the most targeted for ransomware attacks worldwide.
Ransomware refers to malware (malicious software) developed by cyber criminals to encrypt files on a device. The cyber criminals would then proceed to demand for a ransom to be paid by the victim to have their files decrypted. Some of the ransomware variants will also attempt to spread across to other devices within the network.
Ransomware is often spread through malicious links or malicious attachments that is send via phishing emails, spam emails, or embedded within malicious advertisements. Once a device is infected by ransomware, it will spread across the other devices in the network by exploiting vulnerabilities.
Such cyber attacks are destructive to any businesses, regardless of the size and industry. Employees would not be able to access affected documents, which will cause serious delay in work processes. Important documents and sensitive data that is crucial for your business may also be lost if it has not been backed up. Cyber criminals may also threaten to publish these data publicly to pressure businesses in paying the ransom when if the data can be retrieved.
Prevention is the key to protect your business from ransomware attacks. Here are some tips on preventive measures against ransomware attacks:
1. Email Security
Humans are the weakest link. Unfortunately, the cause of the spread of a cyber attack usually lies in the hands of your employees. A recent report showed that 1 in every 414 URLs in emails, and 1 in every 239 attachments in emails are malicious. On top of that, 81% of malicious files were distributed via emails! To reduce this risk, business owners are also recommended to use an Email Security Solution to block out email-borne cyber threat.
2. Install a Firewall
A firewall protects your network from unauthorized access from malicious source. It blocks out intruders and acts like your own ‘traffic police’ to protect your system against malicious programs. In addition to these, a firewall logs events that can be used to identify loopholes or used for investigation when there are malicious activities within your network.
A firewall can also restrict users from accessing unnecessary or unreliable websites by blacklisting them.
3. Software/ Systems Update
All software and systems must be updated to the latest version, to ensure that the latest security patches are up-to-date.
- T.M.R (Test, Monitor & Report)
The only way to tell if you are in the right direction, is by regular testing. Testing should be done to both your systems and your employees’ knowledge on cyber security. Only then would you be able to tell where you should focus on. Employees should be educated to spot a cyber threat and know where/who to report to. No matter if you have an in-house IT support or an outsourced IT support team, a report should be lodged immediately if anyone spots anything suspicious.
4. Data Protection
The key to avoid losing data is by backing them up regularly. Backed up data may come in handy in cases where cyber threats affected the working files of your employees. Important/ sensitive data should be encrypted for extra protection and to avoid the destruction of a data breach too.
Businesses should also limit the data they store by only keeping those that is necessary for the business operations. Proper disposal or archiving is recommended for old files that is no longer required.
5. Response & Recovery
Employees in your organization should know who to report to and what to do in the event of a ransomware attack. Having a plan in place will help employees to react faster and more efficiently towards the cyber attack, and also know what to prioritize for systems recovery. Let all employees know that there is a point of contact and a plan in place to combat the issue, and do not wait for the infection to spread like wildfire!
Prevention is better than having to deal with the recovery of such disaster. Unfortunately, no business is completely safe from cyber threats. No matter how big or small your business is, the destruction of a cyber attack is disastrous!