5 Lessons 2017 Taught Us About Ransomware

Ransomware has become one of the biggest cybersecurity threats for everyone from individuals to small businesses to large corporations. Unfortunately, this type of malware is on the rise due to its ease of deployment and its effectiveness. For most workplaces, a number of improvements are necessary in order to adequately protect systems and data from cyber blackmail.

So What Did We Learn About Ransomware in 2017?

1. System updates are essential.

Are you the type of person who clicks “ignore” when a notification pops up asking you if you want to update your system now? You might want to rethink that strategy. Developers release updates containing security patches to fix known holes in their security. If you haven’t installed a security patch update, you’re potentially leaving yourself vulnerable to cybersecurity attacks. Just be sure to only install patches from the real company, as fake patches are one of the more popular ways to distribute ransomware.

2. The costliest part of ransomware isn't the ransom.

Interestingly enough, the most expensive aspect of ransomware is not the ransom itself. It is actually the cost of lost business and productivity due to the time spent getting systems back online. Small businesses don’t have the same manpower as larger corporations, and it takes them longer to get their systems up and running when restoring from backup. Additionally, if you host secure or confidential data, a publicized data breach can hurt your company’s reputation, causing even more lost revenue.

3. Backups aren't always as effective as people think.

It shouldn’t come as a surprise that after ransomware disables your antivirus protection, among the first targets it attacks are your backups. The backups you’ve set up and protected can be gone in a flash. To protect yourself against data loss, always keep a current backup stored offline. If it’s not connected to your internal or external network, attackers have no way to damage the file.

4. Educating staff is a must.

Your staff can be the weakest link in safeguarding your systems against malware. Attacks use social engineering to persuade people to click, download or open files even if they don't know the sender. These files can contain ransomware that will infect your system. If your staff isn’t educated about organizational vulnerability to an attack, they don’t know to be constantly vigilant against phishing email links or downloads. Offering ongoing education and promoting awareness of cybersecurity are crucial.

5. Have a plan.

Cyber attacks have changed and grown over the past year, and we want to help you better protect yourself and your business. In addition to constant vigilance, you should always have an incident response plan in the event you suffer from an attack that renders important data inaccessible.