RONKONKOMA, N.Y., Jan. 23, 2018 /PRNewswire/ -- One of the biggest threats to business operations isn't a competitor or new technology – it's a cybersecurity threat called ransomware. Ransomware attacks can occur at any time to businesses large or small, usually through email. Once an attack has been executed, it can take a day or two to see its effects on your network. And by then it is too late. "A ransomware attack typically goes undetected until it has caused significant damage in the form of business downtime and data loss," says Peter Xenakis, Regional Sales Manager and an IT security expert at Island Tech Services (ITS) (www.itsg.us.com), a leading provider of advanced technology, mobility and vehicle solutions. Companies that have fallen victim to a ransomware attack are then faced with a series of unplanned financial decisions, including temporary business closure, downtime for data recovery or – in extreme cases – paying a hefty ransom to unlock their data. The latter choice is not always clear. "Payment of a ransom does not always guarantee that the business will receive the codes necessary to unlock their data. Even when they do get the proper codes, the business is then faced with the time-consuming task of unencrypting data – one file at a time," says Xenakis. ITS has identified Four Steps Businesses Can Take to Protect from Ransomware.
Ransomware follows a standard process. First, it is introduced into a network, usually through an email phishing scheme where an unwary employee clicks on a link that downloads an executable malware file to the network. These phishing emails are difficult to avoid without proper training. They masquerade as typical emails and are often difficult to discern from actual email traffic.
Once activated, the malware begins to encrypt all files to which it has access, including files on network drives. It also infects other connected workstations and they begin to act in concert – encrypting all the files stored within an organization's servers.
As the ransomware encrypts files, users notice that their systems appear to work more slowly or that they are unable to access files they had been working on just days or hours before. By the time IT has been notified, the damage is done. At some point, clicking on an encrypted file brings up a website for a "decryption service" offering to recover the files – for a price.
"Ransomware tends to cross over backup or recovery points as it is slowly encrypting files," says Xenakis. "This results in unencrypted and encrypted files both being backed up."
At this point, companies often must go back many days to locate an unencrypted full backup or "good version" that does not include any encrypted files. Even when they do, many organizations have not properly created enough recovery points to limit the damage. Instead, they then face the challenge of recovering massive amounts of data which takes a great deal of time.
Four Steps Businesses Can Take to Protect from Ransomware
Xenakis says that proper employee training is the key to avoiding or mitigating the threat of ransomware. He recommends companies follow a four-step Security Awareness Training Program:
- Appoint a Cyber Cop. Dedicate someone in each office to be involved in the IT security process. This person doesn't need to be an IT staffer, but should be an employee who can coordinate training and testing with other employees. For example, healthcare organizations are required to designate someone as HIPAA compliance security officer.
- Conduct Regular Training. Formal and ongoing security training – preferably a video training program – is required for organizations of all sizes to ensure employees are vigilant about security threats. "Employees need to be trained how to identify, avoid and report any phishing scheme," says Xenakis. "The No. 1 threat vector for ransomware is employee email."
- Test Your Employees. Random testing of employees ensures they are following the training they have received and may indicate weaknesses. Organizations can use specific tools or create their own phishing campaigns to test for awareness and vulnerabilities.
- Audit & Log Your Training & Tests. By properly auditing and logging your training and testing, you can ensure that employees have participated in the regular training and are prepared. "No one is above the training," says Xenakis. "Not even the CEO."
"The key to a strong Security Awareness and Training Program is that it is ongoing – repeated and updated to reflect new lessons – and that everyone in the organization, including existing and new employees, receives the exact same training," says Xenakis.
Want to Learn More?
- ITS offers a series of technology solutions for managing and providing security to your organization. Learn more at http://ow.ly/nvXx30hOBRN.
- Learn about the Five Guidelines to Make Sure Your Critical Information is Safe at http://ow.ly/BWvW30hOBYG.
About Island Tech Services
Island Tech Services (ITS) (www.itsg.us.com), is a leading provider of advanced technology, mobility and vehicle solutions to business professionals, first responders and public-sector employees throughout the country. For nearly 20 years, we have helped customers incorporate technology in their work to increase performance, efficiency and security. Our comprehensive and integrated technologies and services span from headquarters, to field techs, to command vehicles. For more information about ITS, please contact us at 888-614-2770 or visit http://www.itsg.us.com/
SOURCE Island Tech Services