Enterprise Europe Network

5 tips to protect your business from ransomware

Posted: 16 Nov 2020
Liesbeth  Sparks and Herman Hartgers
By Liesbeth Sparks and Herman Hartgers
Dutch Chamber of Commerce (KVK)

There is a good chance that you and your employees are working from home due to Covid-19. This means you are likely to be more vulnerable to online attacks. By ransomware, for example. How does ransomware work? What can you do to protect yourself? Choose to be one step ahead of cyber criminals. As an entrepreneur, you can take a few precautions against ransomware. Here are our five tips to keep your business safe!

computer screen with code

What is Ransomware?

Ransomware is a software that takes your computers and files hostage. Criminals block or encrypt your computers, files, sometimes even entire networks, and only release them if you pay a ransom.

Paradise, Kokokrypt, Popcorn, Mira: they sound like funky summer hits, but they are actually sneaky software programs designed to extort money from companies. An international survey conducted across 26 countries reveals that around half of the international companies and organisations interviewed were attacked by ransomware in the first months of 2020. This percentage has been roughly the same since 2017.

What is the impact of ransomware?

Ransomware uses different attack forms. Criminals try to get their malware into your system through links, attachments in e-mail, advertisements, but also through targeted attacks on servers. Once inside, the ransomware spreads itself. The software blocks access to your computer or network, or encrypts your files. Through a pop-up, the criminals behind the attack demand payment, often in bitcoin or another crypto currency.

Ransomware attacks are closer than you think

Attack levels vary across Europe. Some countries are hit more than others. For example: around 60% of companies in Belgium and Sweden suffered from an attack in recent months. On the other hand, only about a third of Polish companies were attacked. Finally, in many European countries like Spain, the Netherlands, Germany and France, around 50% of companies were targeted.

What can you do after a ransomware attack?

What should you do if you have been attacked? First of all, contact your IT administrator if you have one. There are, however, other ways to protect your computer and your data from ransomware attacks. Here you have five!

1. Investigate which ransomware is involved

You need a decryption key to unlock your files. Luckily, the keys to certain older ransomware are known. You can check this on nomoreransom.org, an international partnership between security companies and the police. Removing ransomware from your systems is quite complicated, so it is best to call in an expert.

2. Do not pay ransom

Of course, that’s easier said than done. There are indeed companies that have no other option. In the first two months of 2020, 26% of international organisations paid criminals a ransom after an attack with malicious software. Paying criminals, however, only perpetuates this form of crime. That is why Europol advises not to pay. Report the attack to your police.

How to prevent the attacks

It is always better to be one step ahead of cyber criminals. As an entrepreneur, you can take a few precautions against ransomware.

3. Invest in backups

A backup, especially if you keep it in an external location, is a good protection against ransomware. This means that paying a ransom for your data is not even an option! The aforementioned study shows that 56% of attacked organisations worldwide eventually got their data back through their own backups.

4. Use good antivirus programs

It sounds obvious, but only good virus scanners that recognise ransomware will keep you properly protected and able to fend off the attackers. About a quarter of the companies hit in early 2020, managed to thwart the attack before their files were encrypted.

5. Stay alert!

Experts warn: humans are a weak link in data security. Clicking on a link or opening an attachment only takes a second: so be careful. Always be suspicious of e-mails from strangers, and make sure that your employees do not receive private e-mail via the business e-mail address.

Reporting cybercrime

  • If you have fallen victim to cybercrime, it is a good idea to report the crime to law enforcement in your country. Reporting mechanisms vary from one country to another.
  • Most European countries also have a National Cyberdesk where you can report your cyber incidents. For example, in the Netherlands, you can get help thanks to the The Dutch Fraude Help Desk.

Photo by Shahadat Rahman on Unsplash

About the author

Liesbeth Sparks was trained as a historian and writes on cybersecurity for the Dutch Chamber of Commerce (KVK). Herman Hartgers is an international connector within the security domain and helps to improve more cybersecurity awareness for SMEs.

Disclaimer

The information and views set out in this blog are those of the author(s) and do not necessarily reflect the official opinion of the European Union. Neither the European Union institutions and bodies nor any person acting on their behalf may be held responsible for the use which may be made of the information contained therein.