Get the right policies in place to improve security and establish regular backups.

Ransomware is, unfortunately, now a way of life, forcing users to choose between losing data or extortion. Intellectual property and other sensitive data can be exposed to competitors and the public at large when user data on workstations, laptops, and mobile devices is compromised. Productivity, operations, and company reputation can be placed in jeopardy as well. To combat this, every organization should make regular backups of all end-user data stored on both company-provided and employee-owned systems a priority. 

Here is a look at the current state of ransomware and what IT departments can do to protect their company data.

Build better defenses

Europol’s No More Ransom project is designed to lessen the threat of ransomware by offering free decryption tools for hundreds of different families of ransomware, as Danny Palmer reported on ZDNet. Authorities estimate that this has stopped more than four million victims from giving in to ransom demands.

However, the same authorities say that the best way to protect against damage from a ransomware attack is to put good cybersecurity measures in place to avoid falling victim to ransomware in the first place.

Fernando Ruiz, head of operations at Europol’s European Cybercrime Centre, told ZDNet that the most important advice he could give is to make data backups and keep them offline.  

False promises from attackers

Even if a criminal promises to restore data once a ransom is paid, there’s no guarantee that will happen, as Lance Whitney recently reported in TechRepublic. 

IBM’s threat intelligence group X-Force also found that this was the case after mitigating and analyzing a recent ransomware attack that used Jest. During its research into the attack, X-Force found evidence that this particular strain of ransomware may not have been designed to allow the decryption of files, even after the ransom was paid. X-Force believes that flaws in the decryption process could have led victims to resubmit payments, thus increasing the overall earnings for the attacker.

Put good policies in place

To protect corporate data from ransom attacks, both IT departments and users have to accept responsibility for this task and follow best practices. This includes implementing and maintaining a centralized backup system or official configuration that covers protected directories and devices. It should also include all other aspects of end-user data, such as messaging systems, databases, and instant messaging information. This backup system may be local (in-house, such as a data center) or external (such as in cloud storage provided by Box or Dropbox). 

End-users must be sure to use only IT-approved locations to store company data on their devices, not store personal data in company-provided backup locations, and avoid transmission of private or confidential information.

The end-user data backup policy from TechRepublic Premium includes additional guidance to make sure that IT departments have all business-critical information backed up in a secure location. Combs, V. TechRepublic Premium. January 07, 2021