How to prepare for a ransomware attack

Ransomware is a form of malicious software or ‘malware’ which demands payment to unlock your computer and can often prove difficult and expensive to clean up or remove.

Following these nine simple steps will minimise your risk and help protect your business against ransomware:

1) Update regularly
Check security updates and ensure your systems are fully patched against known vulnerabilities. This is a simple but important step to minimise risk.

2) Always install, update and use anti-virus software
Those reminders may seem annoying but up-to-date anti-virus software provides valuable protection against cyber-attacks. Make sure you install and update your anti-virus software as a priority.

3)Don’t enable macros in document attachments received via email
Macros are one method ransomware criminals use to access your computer network. Be vigilant in screening (even blocking) file extensions such as ZIP, .js or .wsf files via email.

4) Be cautious about unsolicited attachments
Attachments are another vector used by cyber criminals to infect your machine. Avoid opening or downloading any email attachments from senders you don’t know.

5) Don’t give yourself more login power than you need, and don’t stay logged in as an administrator any longer than is strictly necessary
Administrator access is the gateway to your network. Minimise the risk of an attack by restricting login access to those who really need it and make sure your policies are clear on when and how long access is recommended.

6) Backup regularly and keep a copy of all backups off-site
If you’re unwilling to pay the ransom or in the event that your computer cannot be cleaned, you’ll need to undertake a system restore or rebuild. Regularly backing up your machine/s and network will minimise the amount of data and time lost.

7) Test your restoration procedures
Your backup regime is only useful if it works. Without testing restoration process, you cannot be certain that your backups will be available if required. Test regularly and keep in top of backup notifications and error reports.

8) Ensure you have a Disaster Recovery Plan in place
Despite best intentions, it isn’t always possible to avoid an attack. Therefore it’s essential to have a Disaster Recovery Plan for your business, so you can quickly and efficiently restore if you do fall victim to an attack

9) Stay up to date on the risks
Make sure key staff understand the risks and have the knowledge to keep your business safe. Read OneNet’s Planning, Removal and Protection Guide for more information.

For more advice and information, contact OneNet to speak to a ransomware expert:
call 09 376 7610 or send us an email.

Alternatively, download our full Ransomware Protection and Removal Guide here.