Cybersecurity hit the headlines again last week, in the wake of the WannaCry ransomware attack that has affected around 150 countries and 200,000 organisations, including the NHS. Like many other attacks before it, the incident highlights the importance of keeping your personal and business computers protected from external threats. But what practical steps can businesses take to protect themselves from ransomware attacks?
What is Ransomware?
Ransomware is a type of malicious software which blocks access to the files on your computer until you pay a ransom, and it may also threaten to delete your files unless you pay within a certain amount of time. Files are difficult to decrypt, but if you are affected it is advised that you do not pay because you still might not get your files back.
How Does Ransomware Spread?
Ransomware can come from legitimate websites which have been hacked, or from malicious email attachments. Older systems or those that are not regularly updated are particularly vulnerable to attack - the WannaCry ransomware used a flaw in Microsoft’s software to infiltrate Windows computers. Once a computer is compromised, the ransomware can spread to other computers within the same network.
How To Protect your Business
For businesses, cybersecurity issues are twofold – you need to ensure your computers are protected while your staff members are working online, and you also need to make sure that your own website cannot be hacked and used as a vehicle to spread malicious software.
Here are five things you can do right now to help protect your business from ransomware, viruses, and other cybersecurity threats:
1. Back up your files
Backing up your files won’t prevent anything from happening to them, but it means that if anything should happen, your files won’t be lost forever and you won’t be tempted to pay the ransom. With your files all backed up on a completely separate system or server, you can format your hard drive if you need to, restore your files, and carry on where you left off without giving in to threats. But your backup system is useless if it isn't working, so make sure you test it regularly as part of your disaster recovery plan.
2. Use secure passwords
Using a password that is easy to guess is akin to leaving your front door wide open. If you use a password that is simply your name, 1234, qwerty or even the word “password”, you might as well not bother having a password at all. Harry’s blog post Web Security Basics explains how to choose a secure password, as well as how to protect your personal details and back up your files.
3. Use an anti-virus program
Anti-virus programs can detect ransomware, malware, viruses, and other threats that could get onto your computer, and they can prevent them from being downloaded to begin with. It’s important to make sure that every computer in your business has an up-to-date antivirus installed.
4. Install important updates
Software providers often release updates and patches to fix vulnerabilities. This includes Microsoft, and if you’re running a Windows operating system your computer should automatically download and install important updates to keep you safe. You can check whether this is the case in your system settings.
5. Educate your staff members
Make sure that everyone in your company – including yourself – is aware of how to avoid downloading malicious software or compromising their personal data. This includes not downloading anything that has come from a website or email address that you do not trust, and not clicking on links in suspicious emails. There are a few ways you can figure out whether an email is from a legitimate company or whether it is a phishing email. This article is about emails from PayPal, but its advice can be applied to potential phishing emails from any company.
Improve Your Knowledge
SilverDisc MD Alan Perkins was a guest on BBC Radio Northampton on Wednesday, talking to Stuart Linnell about how important it is for businesses to increase their knowledge around cybercrime and ensure they remain protected from threats such as ransomware, hacking, and viruses. The show is available on iPlayer and the segment starts at 2 hours 7 minutes.
One way to keep your knowledge up to date is to attend events and conferences, to learn from and connect with industry experts. The “Ever Been Hacked… Off?” cyber security events hosted by NNBRF in 2016 and MKBRF in 2015 were interesting and informative events supported by SilverDisc, with expert speakers from all over the country advising businesses on how to keep themselves and their customers safe online.
There are also many resources available online where you can find out how to protect yourself and your business from online threats. Start by taking a look at our blog post How To Protect Your Website From Hackers to find out how you can tell if your website has been hacked, what to do if it should happen, and how you can avoid it completely.
At SilverDisc we put security at the centre of our online operations and we are dedicated to building robust websites that our customers can rely on. Contact us to find out more.