How To Prevent A Malware Attack On Your Business
It’s a busy year for cybercrime.
In July 2017, companies across Europe and United States were hit by a widespread ransomware cyberattack called ‘Petya’, which caused massive disruptions in production.
This includes British multinational consumer goods company Reckitt Benckiser, with damages estimated to be around £100m in revenue.
Two months prior to the ‘Petya’ attack, another ransomware—dubbed ‘WannaCry’—targeted companies, government offices, and hospitals in 99 countries, including Britain’s National Health Service
According to internet security company Malwarebytes, there were one billion malware incidents all over the world during the latter half of 2016 alone, with ransomware taking the top spot.
Businesses are the top targets of ransomware, and this trend continues to the first quarter of 2017.
Major cyber attacks happening in frequent succession call for constant vigilance on the part of business owners.
But where do you begin?
What Does Malware Mean?
Malware is the portmanteau of “malicious” and “software,” written with the primary purpose of harming data, devices, or people.
To put this in perspective, the United Kingdom ranked 4th out of 10 countries with the most number of ransomware detections. In fact, UK businesses that fell victim to cyber attacks lost approximately £30 billion in 2016.
Small businesses and self-employed people are often the targets of such attacks, causing 15% of revenue loss during downtime.
Hackers and computer programmers create malware for a few reasons:
- To steal data (e.g. credit card and bank details, passwords, personal data, etc.)
- To gain advantage over a business competitor (often referred to as corporate espionage)
- To leave you open to further attack
- To show off
How Does Malware Infect Machines?
Properly handling this risk entails understanding the different types of malware that could potentially infect your computers.
Although “malware” is the commonly used word, it is actually the umbrella term to many forms of cyberattack:
- Spyware – Designed to spy on a user, it sits quietly in the background while tracking everything you type, including passwords, credit card numbers, online behaviour, etc. This is often how identity theft succeeds, as a user installs an executable file with spyware attached to it (e.g. phishing scams).
- Trojan – In the same way as the Trojan Horse caused the downfall of the city of Troy, Trojan viruses get inside your computer by disguising itself as a legitimate software. Once downloaded, it creates backdoors that would then give hackers access to your computer.
- Viruses – Viruses attack a device when a user clicks on an infected executable file. It would then spread to all files and programs, corrupting your files, rendering your device unusable, and affecting your OS.
- Worms – Worms damage one computer and then replicate itself, as it spreads from one device to another. Unlike viruses, they do not require users to click on a file; they take advantage of security flaws, often spreading via mass emails sent to a user’s list.
- Ransomware – This malware would put your computer in lockdown, holding your files hostage until you paid the hacker a fee to decrypt the files. Also referred to as scareware, the sophistication of this program can put businesses in trouble unless they have updated data backups.
- Adware – Although not as malicious as the others, adware would redirect users to a particular page every time they fire up their browsers. Eventually, it would slow your device down.
- Botnets – This is a network of infected computers, all under the control of a hacker.
These malware attacks can cause a significant decrease in company production, loss of valuable and confidential data, add to repair time and expenses of infected devices, and customer dissatisfaction.
In worst case scenarios, malware attacks can shut down a business.
How Can You Protect Your Business From Malware?
As evidenced by recent events, malware programmers are writing more sophisticated software that it could even affect the biggest of companies.
Identifying the entry point can be difficult. For instance, phishing emails can be masked so well that it could even fool this expert on hackers.
It is always best to be proactive in protecting your business, rather than dealing with the fallout of an attack.
1. Update your software
Whenever your OS prompts you for an update, download it.
The widespread attack of the WannaCry ransomware is often attributed to organisations that did not update their software. In fact, a month before the attack, Microsoft issued a patch to cover the very same vulnerability that the WannaCry ransomware used.
Aside from the OS, update your browsers, antivirus software, anti-malware software, firewall, and spam filters.
2. Secure your hardware
Cyber attacks can also come in the form of stealing your electronic equipment. Without proper security, a burglar can easily walk away with loads of confidential information about your business and customers.
Improve your company’s security by:
- Reminding your staff to keep server rooms door closed and locked
- Investing in sophisticated security keys or hardware-based encryption
- Considering cloud software that can track all company devices, even those that were stolen
3. Encrypt your data
Encrypting data is a defensive tool that can still protect your business in the event of a breach. Hackers would find sensitive data difficult to understand if it is encrypted.
Most operating systems have full-disk encryption tools. Keep in mind, however, that encryption would only be triggered if an unknown user (in this case, a hacker) does not use the programmed login details.
To maximize this feature, make sure computers are set to automatically log out after five to ten minutes of inactivity. If a hacker slips in when one of your staff goes out on a break, they would only gain access to encrypted files.
4. Educate yourself and your staff
Both you and your employees should be aware of security measures that every individual can take to help the company. Some of these include:
- Using unique and strong passwords.
- Knowing how to spot phishing attacks like syntax and grammar errors, as well as email addresses with a number of full stops.
- Paying attention to web page URLs and see if these are, for example, the legit website of a bank or an online store. Sensitive information should not be shared with a website that does not have the “https” on their URL.
- Avoiding downloading files from unknown and untrusted sources.
- Avoiding posting confidential data online (e.g. birthday, the city you were born in, mother’s maiden name, etc), be that on blogs or social media.
5. Backup your data
Backup your data often. Daily, if possible. Use hardware instead of cloud storage, as hackers can still access the latter. In the event of a ransomware attack, you would not have to pay to gain access to your files.
You can also consider trusting a professional IT team to backup your data into an encrypted USB, stored in a remote location.
So the unthinkable happened—malware infected your computers. Time is of the essence in this scenario. You need to act swiftly and methodically if you are to stop the malware from spreading:
1. Change passwords
Remove access to any sensitive information by changing passwords of accounts with administrator rights.
After this, the next step depends on what kind of attack you are experiencing. If it’s the kind of malware that directs your website into another site (e.g. porn), contact your host to fix the problem. Reset all passwords involved.
2. Disconnect
If it’s ransomware that hacked your system, disconnect the infected computer from the network and shut it down. If the malware will not allow you to shut down the device, pull the power plug.
To err on the safe side, turn off WiFi and Bluetooth for other devices connected to the network until the malicious file is identified and dealt with.
3. Alert the authorities
If you run a company that stores customers’ sensitive information, you need to deal with the legalities involved. Law enforcers have improved their process to track down—or at the very least, record—malware attacks.
If you are the victim of a ransomware attack, you may also need advice on whether you will pay the hackers or not. This is where backup data would save your business.
4. Communicate with customers
Transparency with customers is vital. Let them know the extent of the attack, how it would affect them, and what they should do. Expect unhappy customers. You can offer discounts to your services or products to help alleviate dissatisfaction.
Knowledge is vital when improving your business’ cybersecurity. Look at your business from an organisational perspective and see how you can improve the process of handling data and data breach. Draw up new policies, if necessary.
Accept that there are risks but know that there are ways you can do to prevent them.