What does ransomware do?
- Prevent you from using your system
- Encrypt files so you cannot use or access them
- Stop you from running certain applications
- It can be very difficult to decrypt the files without the original encryption key used by the attacker.
Simple steps to protect against ransomware
- Turn off your computer.
- Disconnect it from the network (remove the cable), turn off wireless connections, remove any connected devices (USB sticks etc.) and turn off any cloud back- ups (e.g. Dropbox or Office 365).
This is to prevent the malware spreading.
- Never hand over remote control of your machine, (other than to the IT helpdesk in your own organisation).
- Don’t feel pressured to pay.
- It is not advisable to pay the ransom (usually required in bitcoins).
- There is no guarantee the cybercriminal will unlock your files and, even if they do, they may come back again once they know you are prepared to pay.
The process for cleaning up the computer and removing the ransomware depends on the type of ransomware. It may require re-formatting the hard-drive (e.g. by restoring to factory settings). If you’ve backed up your data, you can reinstall it once the computer has been cleaned. If you’re unsure of what to do, seek technical assistance from an expert.
Tips to avoid ransomware
There are many simple, common sense precautions businesses can take to help reduce their vulnerability to an attack.
- Update your software regularly. Software updates include “patches” to prevent against the most recent threats, which will keep your system more secure.
- Anti-virus software. Use the latest anti-virus software and update it regularly. Each update includes protection from the most recently known malware and viruses. Keep your firewall updated and patched to prevent threats before they enter your network.
- Back up your data and test it. Regularly schedule routine back-ups of your data and files to an external hard drive or the cloud (online storage platform). Make sure these are not kept connected to the computer and are stored separately. This can help you keep your information secure if you are locked out of your computer and unable to recover encrypted files. Regularly test that you can retrieve data from your back up source. You should consider keeping a physical copy of the back-up off site.
- Malware: This is malicious software designed to facilitate unauthorised access to a system, or cause damage or disruption to a system. Malware is often downloaded to a user’s computer or system by clicking an unsafe link or attachment.
Our brokers can work with you to create a tailored, cost-effective cyber insurance package to help your business recover in the event of a cyber attack. We have cyber risk management packages for any size New Zealand business.