According to the 2019 Official Annual Cybercrime Report, every 14 seconds a business owner falls victim to a ransomware attack. Now Brown-Forman, US liquor manufacturer and owner of the brands e.g. Jack Daniel’s has also become a victim of a ransomware attack.
Ransomware is constantly evolving. Business owners also need to evolve security strategies to protect their data and assets.
According to Bloomberg, the hackers stole over a terabyte of data when they penetrated Brown-Roman’s network. This makes the American liquor manufacturer the latest prominent victim of a ransomware attack.
Ransomware is software that denies users access to devices or computer systems until a ransom (ransom) is paid. This malware encrypts valuable data and locks users out of their own system. A ransom is demanded for the decryption key, which is usually paid in the form of Bitcoins or other cryptocurrencies.
Thus, the data taken hostage can be information about customer data, but also data from operational technologies e.g. compressors, pumps, etc. can be affected. If it is customer data, dissemination results in a serious data breach. This incident must also be reported to the data protection authority. However, there is also no guarantee that the affected party will regain access to their devices and data after paying the ransom, which is why prevention is ultimately the best strategy in this context.
How can you protect yourself from ransomware attacks?
Employee trainings
A large part of ransomware attacks occur via spam and phishing emails. Employees should therefore be trained to recognize suspicious links in their email inbox and report them to their supervisor or IT manager. Even though employees are among the most frequent victims of cyberattacks, managers are better targets because they usually have access to more sensitive data and are therefore even more suitable for extortion purposes.
Schindler IT-Solutions offers workshops for companies to sensitize employees and managers to the handling of data. In 4 hours, each participant gets an overview of where the dangers lurk and how to deal with them.
Software updates
Regularly update the software of your devices. Not only firewall and virus protection, but also operating systems and office applications, … Note that a firewall must also be state of the art to provide security. Rely on a next generation firewall and secure your workstations and notebooks with up-to-date endpoint protection. A coordinated safety concept offers more protection. Today there are programs that detect encryption attempts and also automatically make copies of threatened files.
Passwords
Use a password manager. Secure passwords and regular password changes play a significant role in defending against ransomware attacks. In brute force attacks, hackers attempt to gain access to corporate networks by entering as many passwords as possible with the assistance of bots. If common passwords are used and they are not changed regularly, the success for the hackers is even greater. Make sure that you do not use passwords from Linkedin, Anazon, Facebook,.. in the company network as well. Often online services are hacked and the cyber criminals can access the corporate network with the same password.
Regular data backup
Make regular backups of your data and always keep a backup offline. In most cases, not only the original data, but also network storage, drives and cloud locations are encrypted by the malware. In cloud systems with synchronization services such as Dropbox or Google Drive, data may be overwritten if synchronization is performed immediately after data encryption.
Schindler IT-Solutions specializes in data. In workshops on the topic of data security and DSGVO, with the support of certified data& IT security and DSGVO experts, participants will be introduced to cybersecurity and the associated data protection guidelines in practical examples.
Workshops will again be held at the training center in 2100 Stetten in 2021. As always, you can find the current dates on the homepage easygdpr.eu.
From 10 persons it is possible to hold the workshop directly in your company at your desired date or you plan a company outing and use the training center of Schindler IT-Solutions.