A ransomware attack on Kronos, one of the largest human resources companies, may keep its systems offline for weeks, and the attack impacts city governments, universities and even hospitals like Baton Rouge’s Our Lady of the Lake.
Baton Rouge-based Stephenson Technologies Corporation works to study and prevent attacks on businesses, and Michael Marchese and Ryan Smith, both information systems security engineers at Stephenson, offer these tips to companies.
- Backups: The biggest protector against attacks are backups that aren’t connected to your network. Attackers will encrypt your data with a key you don’t know. If you have a backup, you can put it on a new hard drive, and your information will be back up in minutes. Timely backups are also important, Smith says, and companies should be backing up their information as often as they can afford.
- Email links: Most ransomware spreads via email links. If you see a link in an email, don’t click it, especially if it’s from someone you don’t trust. If an employee’s account gets compromised, their account could send you a link that will compromise your computer’s information.
- USB drives: Don’t plug in random USB drives. This is the second most common way ransomware spreads, and all it takes is one computer for a business to be compromised.
- If your business is attacked: Immediately contact law enforcement. The biggest thing is containment, Marchese says, and one of the first things you should do is turn off systems and disconnect networks. If you’re lucky, he says, you can save a few things.
- Paying the ransom: Sometimes it’s necessary, Marchese says. If your critical information goes down and you don’t get it back, it could be detrimental for businesses like hospitals.