THINGS TO DO BEFORE, DURING AND AFTER RANSOMWARE ATTACKS
More than three years after the infamous Wannacry ransomware, its costly aftermath remains a reminder of the serious damage cybercriminals can do by kidnapping companies’ essential data. This threat is still present as just recently, the operations of an automobile giant were halted in several parts of the world after a successful attack by another ransomware called Snake, also known as Ekans.
Kaspersky’s latest statistics for small and medium businesses (SMBS) in Southeast Asia show the same story. In the first three months of the year, the global cybersecurity company’s solutions have blocked a total of 269,204 ransomware attempts against businesses in the region. These are small businesses with 20 to 250 employees.
“Globally, we can say that ransomware has reached its peak years ago. It has gradually decreased in number, however, it is fast becoming business-centric. Based on our latest research, one-in-three ransomware attacks are targeting business users. So while the total number of ransomware attempts detected in the region is 69 percent lower than [yearago level], the risks of SMBS and enterprises losing their data and their cash because of this threat is still present. The good news is that there are effective ways to protect SMB’S much-needed cash flow from becoming payment to get their kidnapped data back,” says Siang Tiong Yeo, general manager for Southeast Asia at Kaspersky.
As more economies in Southeast Asia reopen after different forms of lockdown,
Kaspersky’s experts provide the following useful tips to keep businesses safe from the ransomware threat:
Before an attack Backup, backup, backup: Always have backup copies of your files so you can replace them in case they are lost and store them especially in cloud storage. Make sure you can quickly access them when needed.
Educate your employees: Build a shared sense of responsibility inside your company. Explain to your employees how following simple rules can help a company avoid ransomware incidents. Create employee and operational control policies covering aspects of network management and facilities, including password renewal regulations, incident handling, access control rules, and protecting sensitive data.
Layered security in everything: Security means safeguarding all data touch points within your network, may it be via hardware devices or software platforms.
Update, update, update: It is essential to install all security updates as soon as they become available. Always update your operating system and software to eliminate recent vulnerabilities.
Use a ransomware tool: SMBS can try a free Kaspersky Anti-ransomware Tool for Business. Its recently updated version contains an exploit prevention feature to prevent ransomware and other threats from exploiting vulnerabilities in software and applications.
During and after a ransomware attack Unblock your computer; remove the malware: If you find your computer blocked—it won’t load the operating system—use Kaspersky Windowsunlocker, a free utility that can remove a blocker and get Windows to boot. Cryptors are a harder nut to crack. First, you need to get rid of the malware by running an antivirus scan. If you don’t have a proper antivirus on your computer, you can download a free trial version here.
Don’t pay, do report: Remember that ransomware is a criminal offense. Do not pay the amount the perpetrators are asking in exchange for your data. If you become a victim, report it to your local law enforcement agency.
Get your files back; look for a decryptor: If you have a backup copy of your files, you can restore your files from the backup. That is by far your best shot. If you haven’t made backups, you can try to decrypt files by using special utilities called decryptors. All of the free decryptors created by Kaspersky can be found at Noransom.kaspersky.com.
Involve the experts: If the decryptor is not available online, contact your trusted cybersecurity vendor to check if they have a decryption tool for the ransomware that has attacked you.