Ransomware costs businesses millions of dollars per year. The number of infections is growing and, yes, they happen right here in Wilmington.
 
Once your systems are infected with ransomware, the virus encrypts all your data. The only way to get the un-encryption key is to pay a ransom. Hence the name “ransomware.” The ransom amount could be $500 to $2,000, and even after paying you don’t always get your data back!
 
Unfortunately, there is not a single program that can prevent a security breach. However, there are a few simple and inexpensive steps you can take today to significantly reduce your risk of a ransomware attack.

1. Windows Updates. The primary purpose of Windows updates is to close security vulnerabilities. Holes are constantly identified. Keeping your computer updated can feel like trying to plug a leaking dam: Every time you plug one hole, another one opens up. While it can be distracting and aggravating, it simply can’t be ignored. The key for a business is to update ALL computers. One neglected computer could be an entry point into your entire network. There are tools available to automate the updating process and ensure all PCs are updated. Regardless of how, update all your network computers and servers right now.
    
2. Anti-Virus Software. Every computer and server on your network must have a high-quality anti-virus program updated and operating. All anti-virus applications are not created equal. The reality is that free ATV programs do not provide adequate protection anymore. Free programs are reactive and do not prevent these damaging viruses from being installed. Additionally, most free ATV programs do not address security issues like rootkits, bots, keyloggers, phishing scams and infected websites. You need an ATV program specifically designed for a network environment. With these systems, your administrators can control the application and can even block end users from bypassing or changing the features of the ATV program.
    
3. Spam Filters. Email is the one of the most common sources of computer viruses and malware in the business environment. Typically, a phony email message that looks legitimate will carry an attachment or web link. When the user clicks on it, it will deploy a destructive application. If you can stop these email messages from ever reaching your end users, you have made a huge step in ransomware prevention. Most hosted email services do have a very basic spam filter built in. But in a best-case scenario, these simple filters will deliver the message to a “junk mail” folder. With this system, users still have the ability to open the messages. More advanced spam filters use real-time logic across all of their user base to quarantine mail. Some adapt and “learn” on the fly. Advanced spam filtering is very inexpensive and can be easily installed regardless of your current email set up.
    
4. Data Backup. I will say it again … and again ... because it is that important. In a corporate environment, there is no excuse for not having a reliable offsite backup system that stores multiple copies of your data. Do you have a quality backup system that is monitored daily? Is it working? Are you sure? The number one defense against ransomware is to have a readily available copy of your data. If you have copies of your data, you don’t have to pay the ransom! There are various types of backup systems, but I’ll be back to discuss those with you in a future article.