Businesses are becoming popular targets to a form of malware known as ransomware. Ransomware is used by cybercriminals to freeze your computer or mobile device, steal your data and demand a "ransom" — anywhere between a couple of hundred to thousands of dollars — be paid. Ransomware infiltrates enterprise networks and servers and individual laptops or computers, leading to the loss of critical information and data.
These tips can help businesses thwart ransomware attacks:
- Educate your employees. Employees can serve as a first line of defense to combat online threats and can actively help stop malware from infiltrating the organization's system. A strong security program paired with employee education about the warning signs, safe practices, and responses aid tremendously in preventing these threats.
- Manage the use of privileged accounts. Restrict users' ability to install and run software applications on network devices, in an effort to limit your networks exposure to malware.
- Employ a data backup and recovery plan for all critical information. Backups are essential for lessening the impact of potential malware threats. Store the data in a separate device or offline in order to access it in the event of a ransomware attack.
- Make sure all business devices are updated. Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans so that your operating systems operate efficiently.
- Be cautious of email links. If an email or pop-up message has links, it is best to not click them unless you are certain it is legitimate. Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software designed to weaken your computer’s security. If the link looks legitimate, hover your mouse over the link (without clicking it). A small window will pop-up with the true URL. If the URL differs from the one displayed as the link text, it may lead you to a potentially harmful destination. [For example (this link isn't harmful but is an example of how easy it is to redirect): https://banks.com]
If you fall victim to a ransomware event, contact your local FBI field office immediately to report and request assistance. To locate the office nearest you, visit fbi.gov/contact-us/field-offices.
For additional resources, visit STOP RANSOMWARE at https://www.cisa.gov/stopransomware