Ransomware in the pandemic era

The threat of ransomware has coexisted with the popularity of the internet as a medium for conducting business. With the onset of the COVID-19 pandemic, global business moved from office spaces into the comfort of our homes, and this persistent threat moved with it. While the rulebook for defending your systems and businesses from ransomware is still the same, it needs to incorporate the new challenges the pandemic has brought for companies and for the agencies in charge of preventing cybercrime.
The recent surge in remote working, courtesy of lockdowns and social distancing norms, has made work systems and servers more vulnerable to attack by criminal groups hunting to exploit the lack of proper firewalls and other measures that usually form part of an established office IT system. Adding to these are some specific threats arising from current events:

  1. Scams that lure people in urgent need of financing after being affected by lockdowns and other measures.
  2. Ransomware delivered in the form of tools and applications for regular business work, such as video calls and other necessary modes of communication.
  3. Ransomware delivered in the form of information about sought-after essentials like medicines, vaccines and other healthcare-related products.

The ways to tackle the threat can be divided broadly into the following categories:

  1. Adapt:
    a) Make a habit of taking full system backups of your databases and servers at regular intervals.
    b) Keep a copy of your important data in a centralized system with very limited access and rights to make changes.
    c) Look for possible gaps and vulnerabilities in the system and follow up with proper, secure patching.
    d) Strictly separate personal and professional activities, with clearly distinct devices for each and no possibility of one crossing into the other.
    e) Be extra cautious about phishing emails, flagging all external mail entering your inbox. Thorough training and education of employees must follow, keeping in mind all types of threat examples.
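
One way to implement the external-mail flagging from item e), as an added example that is not part of the original article. The internal domain list, the `[EXTERNAL]` tag and the sample messages in the comments are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains the organisation treats as internal (constructed value).
INTERNAL_DOMAINS = {"example.com"}
TAG = "[EXTERNAL]"


def sender_domain(msg):
    """Return the lower-cased domain of the From address, or "" if unparsable."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def is_external(msg, internal=INTERNAL_DOMAINS):
    """External unless the From domain is an internal domain or a subdomain
    of one. Missing or malformed senders fail closed and count as external."""
    domain = sender_domain(msg)
    return not any(domain == d or domain.endswith("." + d) for d in internal)


def flag_external(raw, internal=INTERNAL_DOMAINS):
    """Parse a raw message and prefix its Subject with TAG when it is external."""
    msg = message_from_string(raw)
    if is_external(msg, internal):
        subject = msg.get("Subject", "")
        if not subject.startswith(TAG):  # do not tag twice on re-processing
            del msg["Subject"]
            msg["Subject"] = f"{TAG} {subject}".strip()
    return msg


# Constructed sample: the display name imitates an internal address, but the
# decision uses only the real address inside the angle brackets.
SPOOFED = ('From: "ceo@example.com" <ceo@mail.example.net>\n'
           "Subject: Emergency loan offer\n\nbody\n")

if __name__ == "__main__":
    print(flag_external(SPOOFED)["Subject"])
```

The suffix match requires a leading dot, so a lookalike such as `example.com.example.net` is still tagged as external.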

  2. Respond:
    a) Ensure that the agencies in charge are available to receive your complaints and reports, and that the response teams have access to compromised devices, preferably physically, as soon as possible.
    b) Take the help of legal experts on the matter while planning your response or drafting the policy to tackle future threats.
    c) Update your response policy regularly, keeping track of all incidents that can be studied for a better understanding of the looming threat and for future plans.
    d) In case of an attack, plan to restore normalcy as soon as possible using backup data and servers.