Tips for Mitigating a Ransomware Attack
While cybersecurity experts say it's extremely difficult to avoid ransomware incursions, some fairly basic steps can mitigate their effects.
Back up files. If vital files are regularly backed up, recovering from a ransomware attack can be as simple as rebooting the system and reloading the data. Just make sure the backups aren't linked into your system, lest they also get encrypted during an attack.
Educate employees about email attachments. The bulk of ransomware is delivered via email attachments. Though some are fairly clever, others are obviously non-work-related items that can be easily spotted with a bit of training. For example, never open anything offering tips on how to improve your love life.
Keep software up to date. Apply any software patches immediately. The cybersecurity industry is rife with stories about companies that could have avoided expensive ransomware attacks entirely if they'd installed patches in a timely manner.
Don't link everything. Remember that, if everything in your system talks to everything else, a breach anywhere is a breach everywhere.
Be stingy about who gets administrator privileges. Possessing an admin's access makes downloading ransomware easy. Restrict the number of employees who can do this, and definitely restrict outside vendors.
Beef up passwords. Make sure employees have strong passwords, and that they're regularly changed.
If you decide to pay ransom, be advised that it might not work. Just because ransomware hackers say they'll give you access to your data if you pay doesn't mean they will. After all, if they were honest, they wouldn't do what they're doing
Source: IBJ Research