01-10-2021
A ransomware attack can happen to anyone. A click on a wrong link is simply done. But prevention is of course better than cure. In this article, we share our tips to minimize the chance of a ransomware attack.
What is ransomware?
The literal translation of ransomware is ransomware . And that is exactly what it is: software that blocks your computer, server, network drive or other data and demands a ransom to regain access. Nowadays often in the form of bitcoin, because it is not traceable.
For example, ransomware looks like this:
How can ransomware be installed?
There are many ways you can be affected by a ransomware attack. Here are three commonly used methods:
The most common way is by clicking on a rogue link . Usually in an email. Even if you don't do it on purpose, you actually install the software yourself that way.
Another way is by inserting a USB stick into your computer that contains the software.
Ransomware can also be installed because a hacker manages to gain access to your systems. This can be done digitally, but also physically.
Known attacks
For private individuals, it usually concerns a ransom of several hundred euros. Compare change at large organizations affected by a ransomware attack. Watch:
In May of 2021, JBS Foods, the world's largest meat processing company, was hit by a ransomware attack. As the company had to shut down all its operations, it was decided to pay the $11 million ransom .
Under the name WannaCry, the largest ransomware attack of all time took place in 2017. More than 250,000 systems in 150 different countries were infected with the virus.
In 2016, the San Francisco Municipal Transportation Agency fell victim to a ransomware attack. Smart backups enabled them to restore the system within two days without paying the $73,000 ransom. Still, it cost them a lot of money, because the hack prevented passengers from buying tickets and thus traveled for free.
12 Tips to Prevent Ransomware Attacks
Preventing it completely is almost impossible, but you can at least make the chance as small as possible. The tips below are mainly intended for organizations, but can also be used by individuals.
Install good anti-virus software.
Block unauthorized access through a firewall .
Set a filter to block malicious emails.
Keep software up to date .
Enable show file extension . Malware is usually an .exe file disguised as another file.
Make backups . Do it regularly, at an external location and where several people can reach.
Give employees limited access . For example, only with the servers that are necessary for their work.
Require strong passwords and refresh regularly.
Establish a cyber policy . For example, you can't use USBs, don't use public Wi-Fi, and only open attachments in emails from people within the organization.
Communicate to employees about the potential dangers of non-compliance with cyber policies. But don't be afraid: make it clear that an employee does not have to solve it themselves when there is a breach.
Draw up an incident response plan . What steps do you take when a successful attack has taken place?
Map out your cyber risk . What do you really need to protect your systems against? What has priority? MMOX helps organizations to clarify which vulnerabilities there are, but also which ones need to be addressed.
Still a victim?
What to do in case of a ransomware attack? First, don't panic. Ransomware is like a virus in the real world: it can happen to anyone. So it's nothing to be ashamed of. Don't pay, don't shut down your computer, and stay connected to the internet. Trying to fix the problem yourself is usually in vain and will only cause more problems.
Notify your IT partner so that it can be checked whether the backup can be restored. If this is possible, conscious actions can be taken.
Is there no backup possible and do you decide to proceed with payment? Have your systems thoroughly scanned afterwards. A disadvantage is that you do not know what is left behind.
With regard to liability, it is wise to file a report . Unfortunately, the police have few tools to get your money back or find the perpetrators, but because of the insurance it is a wise thing to do.
Our advice: accept reality
No matter how hard cybersecurity experts work to close gaps, criminals are constantly inventing new ways to access data. Our advice is therefore to take ransomware as a given. Just like we accept cold viruses in real life.
Take the measures as described above, but don't be afraid of them. Discuss what could happen and make a plan to protect your critical assets. Don't lock yourself in an unworkable system.
Want to take cybersecurity off your to-do list? Then contact MMOX. We offer complete unburdening for entrepreneurs and IT professionals. All-in-one active cyber service for a fixed amount per year!
DTC
Nederland heeft een uitstekend ondernemersklimaat en een sterke internationale concurrentiepositie. Digitalisering is een belangrijk onderdeel hiervan. Een randvoorwaarde hierbij is dat ondernemers digitaal weerbaar zijn en hun digitale veiligheid op orde hebben. Het ministerie van Economische Zaken en Klimaat (EZK) heeft daarom in 2018 het Digital Trust Center (DTC) opgericht.
TLF Cyber
TLF Cyber is the technology activity of MMOX and Nucleon. Here we develop the unique software platforms that are indispensable to implement risk-based cyber security. TLF Cyber also supplies the technology to other managed service providers who want to actively support their customers with their own Managed Service. www.tlfcyber.com
ABN AMRO
ABN AMRO Bank NV is the well-known Dutch bank for SMEs. ABN AMRO made the strategic choice to always be a relevant bank for its corporate clients. That is why the service portfolio is constantly being expanded. For example with Cybersecurity. ABN AMRO provides the MMOX Smart service under the name Cyber Safe and Secure
MMOX
MMOX is a specialist in Cyber Threat Management and recognised early on that cyber security specialists benefit greatly from working more effectively. MMOX' goal is to provide clear, fact-based insights into cyber threats. By using new methods and extensive automation, we offer relevant and up-to-date information about this threat. This enables our clients to work faster, more effectively and with a more extensive context. New insights and new opportunities to significantly reduce Cyber Risks. www.mmox.co
NN
With over 5 million private and corporate clients, Nationale-Nederlanden is one of the largest and leading financial service providers in the Netherlands. Nationale-Nederlanden offers a complete range of products including insurance, pensions, blocked bank savings, savings, mortgages, investments and loans. The combination of expert and committed employees, good products and services and an appropriate price/quality ratio enables us to find the best solution for you, our clients.
Hiscox
Like no other, they specialise in insuring independent entrepreneurs in professional services. You notice this through our fast and always correct claims handling. But especially through the service, which is entirely based on one principle: they solve problems for you. After all, after a damage, you already have enough on your mind. It is a way of doing business and thinking along that is as pleasant as it is correct.