It’s Past Time to Squash Ransomware

Don’t wait to become a victim. The key is to act before you’re attacked. That requires identifying vulnerabilities and shoring up systems.

Across the globe, a ransomware attack strikes a business every
11 seconds. This is not a statistic many companies want to think about. But it’s a reality, especially for the financial-services sector, where one-fifth of ransomware attacks occur, according to recent data.

Financial-services firms are an appealing target for a ransomware attack. They store a lot of valuable and confidential customer and corporate data, and they tend to have a significant amount of cash on hand. Their IT security can also be perceived as deficient, especially at smaller banks and credit unions.

Companies need to treat ransomware as a real disaster, not just a typical security event. Critical systems and data will get locked down in an attack. The target’s corporate reputation can also take a hit, especially if an attack makes headlines. That leads to a loss of customer confidence in any organization.

Financial-services firms maintain effective security, but there’s always room for improvement. Let’s explore the best practices financial-services firms and organizations need to know to defend against ransomware attacks.

First, there are factors that may already be putting you at risk. Before diving into ways to protect your organization from ransomware, it’s crucial to understand what these factors are. Here are three factors that can make your company more vulnerable:

Technology maintenance isn’t consistent. Organizations depending on legacy systems that are not updated and patched regularly leave themselves wide open for an attack.

Employee behavior. Employees are often the first line of defense. If they are not educated on potential threats, they could accidentally bring malware into an organization. One in three untrained employees is likely to fall for a phishing scam.

Poor security strategy. An organization is more at risk if it doesn’t have a unified security strategy. Organizations with multiple regions and departments need policies that address the different needs and risks of each region and department.

Attackers are poised and ready to take advantage of any weakness they can find. Now that you know what can put your organization in danger, it’s time to look at ways to defend against an attack.

When it comes to protecting your organization, the first thing you need to understand is this: ransomware events cannot be completely avoided. The threat is multiplying because cybercriminals modify their techniques as technology evolves. Plus, companies often pay the ransom.

When protecting against ransomware, you will want to implement as many defensive measures as possible. Below are four of the most effective actions you can take to reduce your risk:

Provide cybersecurity education. As I mentioned earlier, employees are an essential part of an organization’s defense. Having regular training sessions is ideal. Ransomware spreads through human behavior, so employees need to know what the latest phishing scams look like. Just one employee misstep—say, opening an attachment in a phishing email—can compromise an organization. Employees should also always notify their IT security team about suspicious emails.

Update your systems. Ensure all systems, and ransomware-protection software, are up to date with the latest patches. Making that a priority lowers the number of possible entry points for an attacker. This is especially crucial because a recent study found that an external attacker can breach an organization’s network in more than 90% of cases. Vulnerable systems and applications are the targets for the majority of attacks.

Establish password management. Nonsecure passwords give attackers a greater chance for success. Admins should create password rules to ensure security requirements are met. That could include strength requirements and the prevention of common phrases. Two-factor authentication also provides an extra layer of security. It requires a login password and a code that only the authorized user has possession of. The code is usually sent to a phone or through another application.

Secure your backups. Perform frequent backups of your critical data. Make certain they are not connected permanently to the computers and networks they are backing up. That could mean securing backups in the cloud or offline. Having multiple backups is critical to ensure one backup can’t be infected if another is attacked with ransomware. A data backup can also eliminate the need to pay a ransom to recover data if an attack occurs.

These suggestions are just a starting point. Protecting against
a ransomware attack requires a holistic approach. A cybersecurity software solution can provide full coverage before and after a ransomware event through:

Protection: We’ve covered the steps you can take to protect your organization from an attack. A software solution will aid those efforts with information-security monitoring tools. Other system settings can block ransomware before it is installed.

Detection: The faster your organization can detect a ransomware attack, the better. A software solution can monitor and analyze activity data from every device connected to a company’s network. When a security breach is recognized, the software can automatically log off affected users or notify a supervisor.

Recovery: What you do when a ransomware attack happens is just as important as what you do before your business is attacked. A software solution should provide a managed replication and recovery process to ensure a quick comeback from any service disruption.

The financial-services sector will remain a target for ransomware attacks. If your organization isn’t already doing preventative measures like implementing training and awareness, securing backups, updating systems, and keeping passwords secure, do them as soon as you can.

—John Gray is chief technology officer at InterVision Systems, Santa Clara, Calif.