Can You Prepare For Ransomware?
“WannaCry”? “Petya”? The names of the ransomware viruses that are becoming so prevalent are almost as worrying as the attacks themselves. The recent “Petya” ransomware attack (which followed hot on the heels of the “WannaCry” virus that shut down many UK hospitals) serves as another reminder that online security needs to be taken seriously.
Add to that the recent hack of emails in the Houses of Parliament, which was attributed to sloppy passwords, and you can’t help being worried. But while you can’t protect yourself completely from ransomware attacks, there are steps you can take to decrease the chances of one being successful.
Luckily, for creative industries, the four sectors most hit by ransomware attacks are business and professional services, government, healthcare and retail services. But that’s no reason to be complacent. The GDPR (General Data Protection Regulation) regime that comes into force next year not only restricts how you handle people’s information and the permissions required, it also increases exponentially the level of fines that can be imposed on an organisation for lapses in security.
In other words, if an actual data theft doesn’t quite destroy your business, the fines may well finish you off.
We will look at GDPR in more detail in a future post but for now, just a couple of reminders about online security.
Beef up your passwords
Yes. You’ve heard it before and paid no attention, but weak passwords are like hanging the keys of your business on its front door.
You could try to check your password strength by plugging it in here: https://howsecureismypassword.net/ (if you trust it, that is!). You’ll get an estimate of how long it would take a computer to hack your password – from nanoseconds to millions of years. Our friends at Private Hosting tell us that anything less than 35 thousand years is not good enough.
Some of us at Artisan Accounts have tried it with our personal passwords and you can tell by our faces the ones who are feeling smug! OK, 11 trillion years is pretty secure!
Hint: Look to poetry to find a mix of words that are truly difficult to hack and easy to remember.
Always make sure your antivirus is up-to-date
Viruses and other security threats are changing all the time. Make sure you keep up. Simple.
Don’t be too quick to click
Attacks can spread through phishing or spam emails, so make sure you check an email’s content for legitimacy. Hover over a link and see if it’s going to a reliable URL. Or, if you’re unsure about an email’s content or the source it came from, do a quick search and look for other instances of this campaign, and what those instances could tell you about the email’s legitimacy. Even an email from someone you know may not be secure – what if their email has been hacked? We all know of someone that has happened to.
Apply system and application updates
Making sure your operating system is up to date will help contain the spread of malware, so stop clicking the “Remind me later” button!
Back up regularly and completely
Back up all your data regularly. If your system becomes infected with ransomware or another virus, your data could become completely inaccessible. Make sure you cover all your bases and have your data stored in a separate secure location.
Have a Disaster Recovery Plan
The GDPR will require organisations to have a DRP, but it just makes good sense to put one in place as soon as possible, if you haven’t already. It doesn’t have to be as complicated as it sounds. Check out our recent blog, How to Create a Disaster Recovery Plan, to get started.