Preventing ransomware – precautionary steps to take

This article counts towards accumulating your annual CII CPD structured learning hours for Cyber and Data Security.

By reading this article, and correctly answering the three questions underneath, you will have achieved the following learning outcome: Identify strategies for categorising and safeguarding personal or sensitive data.

Visit the CPD Hub to log in and begin accumulating CPD hours.

You will have read about the NHS and many other organisations being impacted by a new strain of ransomware.

Since the WannaCry ransomware attack of 2017, which hit over 200,000 victims worldwide and infected over 300,000 computers, ransomware attacks have continued to plague companies around the world.

In the past year, 28% of UK firms have been hit by a ransomware attack, a rise of over 10% since 2016 and pre-WannaCry. Tactics by hackers continue to evolve and, whilst companies can train staff to be as vigilant as possible, the threat of an attack remains.

What is ransomware?

Ransomware is a type of malware that infects your computer and prevents you from accessing files (at times, it may even encrypt your files). There’s no fool proof way to completely prevent any type of malware from infecting your computer.

Below, we outline some precautionary steps you can take to avoid ransomware from infecting your system:

• Always ensure your antivirus software is up-to-date. Regularly update your antivirus software. This provides another layer of security against many attacks
• Backup important data. There are no known tools to decrypt files that have been encrypted by ransomware. One good safe computing practice to develop is to ensure that you regularly back up your files. The 3-2-1 principle is a good rule of thumb: have three copies, two different media, and one separate location for your backed up files. Windows has a feature called Volume Shadow Copy that allows you to restore files to their previous state, and is enabled by default
• Always verify the email sender. If you receive an email from someone claiming to be a bank representative, call the bank directly to verify that the message is legitimate. If you receive a suspicious email from a personal contact, reach out to that person directly (do not reply to the email you received) to confirm that they sent you the message. Do not rely solely on trust by virtue of relationships, as your friend or family member may be a victim of a cybercriminal as well. Avoid opening emails from an unknown source
• Double-check the content of the message. There are obvious errors or discrepancies that you can spot in illegitimate emails. For example, if your bank or a friend claims that they have received something from you that you don’t remember sending, try to go to your recently sent items to double-check if you really did send the item they are referencing. There’s lots of tactics that spammers and phishers use to lure you, so take some time to learn about the different types of techniques that social engineers use
• Refrain from clicking links in email. In general, clicking on links in email should be avoided. It is safer to visit any site mentioned in email directly. If you have to click on a link in email, make sure your browser uses web reputation to check the link, or use free services such as Trend Micro Site Safety Center.

For more information on managing cyber risk, please speak with your local Zurich contact