Ransomware is the online combination of kidnapping and bank robbery that can render files and IT systems completely useless—a worst-case scenario to be sure, but a very real one. What’s more, cybercriminals continually update their malware to evade detection and circumvent attempts to break the encryption, and use social engineering strategies to target victims. Unfortunately, there’s also no guarantee that paying up will compel the hacker to give data and systems access back to your client.
“Even without counting the ransom itself, organizations affected by ransomware are going to have to deal with the costs of containment, downtime, and recovery,” explains Mark Nunnikhoven, vice president of cloud research at Trend Micro Inc., a global IT security provider with U.S. headquarters in Irving, Texas. “Prevention is best in order to avoid getting to that point where the tough discussion around paying needs to occur.”
IT security providers such as MSPs and resellers must therefore focus all their attention on prevention, according to Nunnikhoven, who offers these five tips:
- Back upclient data, using a 3-2-1 system: three back-up copies on two media, and put one of those in a secure, offline location.
- Educate end users not to click on links or open attachments in unsolicited emails; to verify email sources before opening; and to bookmark frequently visited sites. The latter will help prevent them from accidentally visiting drive-by-download sites laden with malware.
- Patch all systems as soon as updates are available and keep security software current to minimize the chances of software vulnerabilities being exploited.
- Segment the network into subnetworks to reduce the spread of ransomware through the client’s organization. Another advantage of using this approach is it generally improves network performance.
- Use a layered defense with advanced security in place at the web/email gateway, endpoint, network, and physical/virtual/cloud server levels.
For more in-depth advice from Trend Micro on how to best serve your customers with layered ransomware protection, go to www.channelpronetwork.com/ZZ5.