In 2016, there were more than 638 million ransomware attacks. Ransomware software is one of the most dangerous malware attacking software that has surfaced in recent years. It has crippled networks in public healthcare, banks, universities, defence installations and what not. Millions of systems have been affected around the globe. The use of this particular virus is widespread because you don’t require any coding or programming experience to launch attacks through it. It is openly available for download and reuse in hacking circles prevalent on the dark web. There are even basic hacking teams offering their services of Ransomware attacks and charge a certain amount to you. Since payment is made via cryptocurrency, there is even lesser chances of the authorities catching the hacker.
So, the basic question arises is; how can you stop these attacks from happening?
Most organizations don’t have a dedicated budget for stopping such attacks so what can they do? All of their data and day-to-day workings are on their networks and they just cannot go offline. Ransomware corrupts the system and as a result, whole databases can be lost. The recent attacks on the medial healthcare system in US and UK show that patient histories and other critical data was wiped away from the system and there was no backup available at all. It was an extremely dangerous situation for patients and became a new cause of concern for the insurers and the healthcare industry.
To prevent from future attacks from ransomware and other malware, organizations including the health industry need to take at least some precautionary measures as the PR alone can do everlasting damage to an organization being held for ransom. If you pay the attackers, the customers and clients won’t trust in your ability to protect their data in the future.
Here are some remedial measures to prevent a ransomware attack:
BACK UP YOUR CRUCIAL DATA
Most of the organizations do not have a credible backup database in place. Not only your backup system should be in place, you need to document everything. The process must be centered around the Recover Point Objective (RPO) and Recovery Time Objective (RTO). It is essential that you set both of these according to your customers’ requirements. If your recovery is fast enough, you can reset the whole system easily and not be laid hostage to a ransomware attack.
HOLD RANSOMWARE DRILLS AND TEST YOUR BACKUP PERFORMANCE
Testing the strength of your system is paramount to knowing how long can your system be back up if you take it down. Once you know how long it will take, you can take appropriate actions. Never place your backup drive on the same VLAN. It will compromise the entire system in case of a ransomware attack.
The mock ransomware attacks are a great way to introduce your employees to deal with such a situation. You can groom them to make appropriate decisions about the network. You should educate them about the primary way of ransomware attack initiation- Phishing. The more your employees know better, they better they will be equipped in case of such an attack.
USE ANTIVIRUS ON SYSTEM’S END POINTS
Antivirus should be updated and installed at your end points in a network. While ransomware is specifically designed to avoid being detected by regular anti-viral software, the you can still use different tools to detect suspicious behavior. Also use a simple web filter to prevent drive-by infections that result in a system being compromised just by the clicking of a website.
DEVELOP SOP’S FOR THE RANSOMWARE ATTACKS
All of the steps needed in case of a ransomware attack should be documented in a step-wise manner and your employees should know them by heart. It should also include a plan to contact the authorities without letting the hackers know about it. It will give them time to figure out who is conducting the attacks and from where.
An organization needs to mitigate the heavy risks associated with a ransomware attack. These steps ensure that your data remains secure even after the ransomware attack and they help you contain its advancement too. Remember that it is better to be safe and not risk your patients’ lives or customers!