
Ransomware is now one of the most serious cyber-threats that organisations, big and small, have to contend with. What steps can you take to protect your organisation?
What is Ransomware?
In a ransomware attack, criminals break into your systems and encrypt your files so that nobody in your organisation can open them. Increasingly they first steal a copy of your data as well (and may sell it on the dark web). They then demand payment in return for the decryption key and for a promise not to publish what they stole; paying guarantees neither.
The consequences are very serious for your staff and clients, as well as for your reputation. Exposure of sensitive personal data could leave people vulnerable to fraud, identity theft, coercion and blackmail, and without access to your files the work of your organisation will be severely disrupted, if not impossible to carry on.
How can I protect my data?
The first priority is to prevent the breach happening in the first place. Many attacks succeed because of human error (others exploit unpatched software or remote-access services exposed to the Internet, so keep everything updated and turn off remote access you do not need):
- A user tricked into disclosing a password;
- A user clicking on a link to a malicious web page, or opening a malicious attachment;
- A helpdesk admin tricked into resetting a password for an impostor.
So all your users should be trained to:
- Never, under any circumstances, disclose a password to anyone, including people claiming to be from IT or a supplier;
- Never enter a password on a web page unless they have checked the address bar and it is exactly the page they use for normal login, not merely a page that looks like it or contains the familiar name somewhere in its address;
- Recognise and ignore phishing emails, and their variants in the form of texts, social media messages and phone calls.
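As an added illustration of the second point above (this is example code, not part of the original article), the following Python function applies the check a user should make before typing a password: the address must use https and the host name must be exactly the known login host. It goes slightly beyond the text by naming the common tricks that make a phishing address look right. The login host login.example.org and the sample addresses are constructed for the example.

```python
from urllib.parse import urlsplit

# Assumed placeholder: the organisation's genuine login host(s).
ALLOWED_LOGIN_HOSTS = {"login.example.org"}


def _squash(host):
    """Strip dots and hyphens so 'login-example.org' compares equal to 'login.example.org'."""
    return host.replace(".", "").replace("-", "")


def classify_login_url(url, allowed_hosts=ALLOWED_LOGIN_HOSTS):
    """Say why a URL is, or is not, a genuine login page.

    Returns 'genuine' or one of the trick names below. The checks mirror what a user
    should look for in the address bar: https, and the exact host name, not merely
    the familiar name appearing somewhere in the address.
    """
    parts = urlsplit(url.strip())
    if parts.scheme.lower() != "https":
        return "not-https"  # a real login page is never served over plain http
    # .hostname is lower-cased, and has any port and any 'user@' prefix removed
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "no-host"
    if parts.username is not None:
        # https://login.example.org@evil.example/ : the text before '@' is ignored by
        # the browser, which actually connects to evil.example.
        return "userinfo-trick"
    if any(label.startswith("xn--") for label in host.split(".")):
        # Internationalised label: may be a homograph of the familiar name.
        return "punycode-homograph"
    if host in allowed_hosts:
        return "genuine"
    if any(_squash(a) in _squash(host) for a in allowed_hosts):
        # login.example.org.evil.example, login-example.org, ...: familiar name, wrong host.
        # (Substitutions such as 'examp1e' with a digit are not caught by this heuristic.)
        return "lookalike"
    return "unknown-host"


def is_genuine_login_url(url, allowed_hosts=ALLOWED_LOGIN_HOSTS):
    """True only for an https URL whose host is exactly one of the allowed login hosts."""
    return classify_login_url(url, allowed_hosts) == "genuine"


# Constructed sample addresses, of the kind that appear in phishing messages.
SAMPLE_URLS = [
    "https://login.example.org/",
    "https://LOGIN.Example.org:443/session",
    "http://login.example.org/",
    "https://login.example.org@evil.example/",
    "https://login.example.org.evil.example/",
    "https://login-example.org/",
    "https://xn--lgin-0ra.example.org/",
    "https://unrelated.example/",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(f"{classify_login_url(u):20} {u}")
```

A password manager or a passkey makes this comparison for the user automatically: it only offers the credential on the exact origin it was saved for, so a lookalike page gets nothing. That is the practical reason for moving away from typed passwords.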
And admins must be instructed to:
- Never reset a password unless they have positively identified the user making the request, e.g. by calling back on a number already on record rather than one supplied in the request.
Move away from relying on passwords alone to authenticate users. Use passkeys where the service supports them (a passkey is tied to the genuine site, so a phishing page cannot harvest it), or failing that passwords with two-factor authentication (2FA), preferably an authenticator app or hardware key rather than SMS codes.
Then there are steps you can take to mitigate the effects of the worst happening:
- Make frequent, reliable backups of all your important data, and keep at least one copy offline or otherwise out of reach of an attacker who holds your network credentials, because ransomware routinely encrypts or deletes any backups it can find. Test that you can actually restore from them. Then you should be able to restore your systems quickly and carry on normal operation. You may lose some very recent information, but you should be able to reconstruct this fairly easily.
- Encrypt all your sensitive data at rest, so that even if it is stolen it has no value to the thieves. If you use cloud storage, where possible choose a service where you alone hold the encryption key (often called client-side or zero-knowledge encryption), so that the provider cannot decrypt your files either.
- Prohibit staff or volunteers from storing any files on their own computers. All files should be kept in secure shared storage, on premises and/or in the cloud.
- There may be very exceptional circumstances, e.g. someone needs to work on a document while the Internet (and therefore the shared storage) is unavailable. Then they must ensure the local copy is encrypted, for example with the full-disk encryption built into the operating system; free software is available for this.
Remember that if a laptop, computer or device holding unencrypted personal data is lost or stolen, you would have to treat it as a data breach, with whatever reporting that entails.
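As an added example of what "reliable" means in practice (example code, not from the original article): a snapshot backup that records a SHA-256 hash of every file, is verified against those hashes before it is trusted, and is exercised by an actual restore. The directory layout, file names and the simulated scrambling of the live files are constructed for the demonstration; in a real deployment the snapshot directory would be written to offline or immutable storage rather than to the same machine.

```python
import hashlib
import json
import os
import shutil
import tempfile
import time


def sha256_file(path):
    """SHA-256 of one file, read in chunks so large files do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def hash_tree(root):
    """Map relative file path -> sha256 for every file under root."""
    digests = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digests[rel] = sha256_file(full)
    return digests


def make_snapshot(src_dir, backup_root, stamp=None):
    """Copy src_dir to backup_root/<stamp>/data and record a manifest of hashes."""
    stamp = stamp or time.strftime("%Y%m%dT%H%M%S")
    snap = os.path.join(backup_root, stamp)
    shutil.copytree(src_dir, os.path.join(snap, "data"))
    with open(os.path.join(snap, "manifest.json"), "w") as f:
        json.dump(hash_tree(os.path.join(snap, "data")), f, indent=1, sort_keys=True)
    return snap


def verify_snapshot(snap):
    """Return the sorted list of files that are missing or altered in the backup; [] means clean."""
    with open(os.path.join(snap, "manifest.json")) as f:
        expected = json.load(f)
    actual = hash_tree(os.path.join(snap, "data"))
    return sorted(p for p, d in expected.items() if actual.get(p) != d)


def restore_snapshot(snap, dest_dir):
    """Replace dest_dir with the snapshot, but only if the snapshot verifies clean."""
    bad = verify_snapshot(snap)
    if bad:
        raise RuntimeError("snapshot fails integrity check: " + ", ".join(bad))
    if os.path.exists(dest_dir):
        shutil.rmtree(dest_dir)
    shutil.copytree(os.path.join(snap, "data"), dest_dir)
    return len(hash_tree(dest_dir))  # number of files restored


def demo():
    """Constructed scenario: back up, let 'ransomware' scramble the live files, restore,
    then tamper with the backup itself and confirm the integrity check refuses it."""
    work = tempfile.mkdtemp()
    try:
        live = os.path.join(work, "live")
        os.makedirs(os.path.join(live, "accounts"))
        with open(os.path.join(live, "accounts", "donors.csv"), "w") as f:
            f.write("name,amount\nA. Donor,25\n")
        with open(os.path.join(live, "minutes.txt"), "w") as f:
            f.write("AGM minutes\n")
        snap = make_snapshot(live, os.path.join(work, "backups"), stamp="20240101T000000")

        # Simulate the attack: every live file is overwritten with random bytes.
        for rel in ("accounts/donors.csv", "minutes.txt"):
            with open(os.path.join(live, rel), "wb") as f:
                f.write(os.urandom(32))

        restored = restore_snapshot(snap, live)
        with open(os.path.join(live, "accounts", "donors.csv")) as f:
            donors = f.read()

        # Corrupt one file inside the backup: the check must name it and refuse to restore.
        with open(os.path.join(snap, "data", "minutes.txt"), "w") as f:
            f.write("tampered\n")
        bad = verify_snapshot(snap)
        try:
            restore_snapshot(snap, live)
            refused = False
        except RuntimeError:
            refused = True
        return {"restored_files": restored, "donors": donors,
                "bad_files": bad, "tampered_restore_refused": refused}
    finally:
        shutil.rmtree(work, ignore_errors=True)


if __name__ == "__main__":
    print(demo())
```

The manifest is what turns a copy into a backup you can rely on: without it you only discover that the backup was corrupted or partially encrypted at the moment you need it. Keep the manifest with the snapshot, and run the verify step on a schedule, not just after an incident.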
