Thousands are having their computers encrypted by ransomware – are you one of them?
Ransomware is a form of malware that gives cybercriminals the ability to remotely lock down files on a victim’s computer and/or mobile devices, from a remote location. A pop up window informing the owner that it will not be unlocked is displayed demanding a fee to unlock them! Often the only usable part of the computer is the number keypad to enter a PIN to enable payment to the criminals!
An additional twist is that an accusation of illegal activity or even pornographic images appear on the locked screen making it even more difficult for some users to seek help from anybody else.
You can never be totally safe, but most online attacks can be prevented or detected by basic security practises.
10 Cybersecurity Tips for you and your business
- Train employees – establish security practices and policies for employees and create a culture which takes cybersecurity seriously.
- Protect your systems – install latest software updates to protect against the latest online threats. Carry out inside-out and outside-in penetration testing.
- Provide firewall security – ensure this is correctly configured. If employees work from home, ensure their home system(s) are also protected.
- Don’t forget mobile devices – make sure laptops, tablets and smartphones all have adequate safeguards and reporting procedures in place if lost or stolen.
- Backup – check all critical data is regularly (preferably automatically) backed up to a secure off-site location.
- Control physical access – secure building entry points, consider CCTV installation, ensure visitors are properly managed and IT areas locked.
- Secure your Wi-Fi – if you have a Wi-Fi network for your workplace, make sure it is secure and encrypted. Do not allow visitors to use – provide a secure, separate guest network if you want to offer this facility.
- Payment cards – if you take card payments, make sure validation and anti-fraud systems are in place and that you are fully PCI compliant. Don’t use the same computer to process payments and surf the Internet.
- Restrict employee rights – staff should only be given access to systems they need for their jobs and should not be able to install new software without permission.
- Password policy – require employees to use unique passwords which are changed at pre-set times. Consider implementing multi-level access authentication to highly sensitive systems.
If you’re a victim of ransomware, report it to Action Fraud immediately.