How to avoid falling victim to ransomware attacks such as WannaCry.
Ransomware, which encrypts all your computer files until you pay a ransom, is one of the most serious cyber threats to businesses. The average ransom demanded in 2016 was US$679, more than double the US$295 average demanded in 2015, security software firm Symantec reveals in its An ITSR Special Report: Ransomware and Businesses 2016, and it’s only going to rise.
When the WannaCry ransomware – also referred to as WannaCrypt or Wana Decrypt0r – came along in May it crippled more than 230,000 computers across 150 countries, according to Europol. It struck the UK’s National Health Service, FedEx and at least 12 unnamed Australian small businesses. That attack has put individuals and business owners on high alert around their online security systems.
How can you ensure your business does not fall victim to ransomware? These following five measures can mitigate the risks:
- Back up your important files at least daily and store the back-ups so they can’t be infected by ransomware
- Ensure your operating system and all other software is up to date
- Don’t open email attachments from unknown senders, and be very careful even with senders you do know
- Avoid dubious websites
- Stay informed about cyber risks
- Install good security software on your devices
To get the ransomware into your system, cybercriminals may use fake emails that appear to be from banks, power companies or even the Australian Securities & Investments Commission. That’s why everyone in your organisation needs to be across current cyber threats, and why regular staff education is a vital part of cybersecurity measures.
CPA Q&A. Access a handpicked selection of resources each month and complete a short monthly assessment to earn CPD hours. Exclusively available to CPA Australia members.
The Australian Government has a free Stay Smart Online Alert service to help keep you up to date. For larger organisations, the Strategies to Mitigate Cyber Security Incidents by the Australian Signals Directorate (ASD) is an extremely useful guide.
The following tech tools can also help reduce the risks.
Acronis True Image
If you only do one thing to defend against ransomware, it should be to back up your files – properly.
Using Dropbox or Microsoft’s OneDrive is better than no back-up at all, but ransomware can quickly infect files that are synchronised online. You need a solution that backs up and keeps multiple copies of files on external drives or cloud services that malware can’t access. Acronis True Image does this with encryption to protect back-ups – although we would still advise storing at least one set of regular back-ups offline “or otherwise disconnected from computers”, as recommended in the ASD’s security strategies.
There are other good back-up solutions available, but Acronis True Image is a good choice because it’s relatively simple to use for a powerful back-up tool.
It allows you to employ a multi-layered back-up strategy, supporting various types of storage devices and cloud services (including Acronis’s own), and using different types of back-ups. This includes taking an “image” of a computer’s files that makes it relatively quick to restore a complete system after major incidents.
A Premium version includes Acronis Active Protection, which is designed to neutralise any ransomware attacks.
Acronis True Image costs from A$99.99 per year for up to three computers. Acronis Backup is available for small businesses.
Secunia Personal Software Inspector (PSI)
WannaCry was able to spread fast because of a Windows vulnerability that was patched by Microsoft in March. However, it was obvious many organisations had not yet updated their systems with the latest security patch. It’s just the most recent example of why it’s so important to keep software up to date, including operating systems, applications such as Microsoft Office and Adobe Acrobat, and your web browser. For individuals, most software updates either happen automatically or you only need to accept updates when prompted.
However, not all software makes it that easy. This is where Secunia PSI from Flexera Software can assist. It’s a free personal software inspector that scans your computer and identifies programs that are insecure and need updates.
It supports more than 20,000 programs, automatically updating most of them or, when that isn’t possible, it provides you with some handy instructions.
It’s more complicated for larger businesses where individually updating each system isn’t feasible. Software management tools such as Flexera Software’s Vulnerability Intelligence Manager can help – but however it’s done, security updates need to be done promptly.
The ASD says: “There is often a perception that by patching a system without rigorous testing, something is likely to break on the system. In the majority of cases, patching will not affect the function of an organisation’s ICT system. Balancing the risk of taking weeks to test patches and patching serious vulnerabilities within a two-day time frame can be the difference between a compromised and a protected system.”
Bitdefender Internet Security
There are several high-quality security suites that offer excellent antivirus protection and other helpful tools, but Bitdefender Internet Security stands out in a few ways.
In particular, it offers ransomware protection, which allows you to select specific folders for extra protection, preventing ransomware from encrypting your important files. It also includes anti-phishing, anti-fraud, secure browsing and other tools that may help prevent infections from ransomware and other malware.
Bitdefender Internet Security costs A$94.99 per year for three PCs. For businesses that need to protect more PCs, Bitdefender offers GravityZone Business Security.
Webmail services such as Gmail and Office 365 include spam filters, but for greater protection against fraudulent and malicious emails, MailGuard is a cloud service designed for business email security.
MailGuard’s predictive email filtering protects against cyber attacks such as phishing, malware, ransomware and spam. It works with on-site Microsoft Exchange servers, Microsoft Office 365, Google’s G Suite and other hosted email solutions.
Want to know more?
How to protect against the new malware threat