The Today Show featured another piece on cyber security today, this time discussing ransomware. During which, Tom Costello claimed the best way to protect yourself from a ransomware attack is to back up your data. This cannot be further from the truth. First of all, backups do not protect you from becoming a victim of ransomware. It can be an adequate way to retrieve your data after a ransomware attack, but in no way, is it a defense.
In the event of a ransomware attack, theoretically you could restore your data using your backups. But what happens if those too are infected? Or if it takes too much manpower or time to restore via the backup systems? Many times, ransomware will strike and the organizations do have backups, but choose not to utilize them. Why would they do that? Often times it is cheaper to pay the ransom instead. By doing so, the company does not have to pay the IT staff overtime to get the systems restored. Also, time may be of the essence, and they cannot wait for the restoration process to occur.
If Backups Aren’t the Answer, What Is?
It is time organizations begin focusing on preventing the ransomware from infiltrating their systems, instead of what to do after an attack occurs. The best way to prevent ransomware is with the use of application whitelisting in conjunction with cyber security training. Most ransomware attacks are executed via phishing attack. A phishing attack is an email that is sent from a cyber criminal with a malicious attachment. Recently, that attachment has included a ransomware executable. Meaning, once the user clicks on the ransomware, it begins to encrypt files within the PC.
To avoid becoming the next victim, users must know how to spot phishing emails. This can be done with cyber security training. Also, if users click on the link, they need to have a solid security solution in place that will recognize the malicious file and block it from executing. Application whitelisting has been proven far more effective in preventing malware infections, including ransomware, than traditional blacklisting solutions. For instance, PC Pitstop, makers of PC Matic, PC Matic Pro and PC Matic MSP rely on application whitelisting as their primary method of malware detection. In the most recent Virus Bulletin Reactive and Proactive (RAP) test, PC Pitstop’s application whitelisting technology prevented 99.97% of the malicious files. The average proactive detection rate for all participants in this test was 64.35%.
It is time both home and business users focus on a proactive solution.