How Not To Become A Ransomware Victim

Ransomware has proven to be very lucrative for cybercriminals, so it makes sense that these kinds of attacks are being aimed at online retailers.

“If online businesses don’t have good security and backup plans and are victimised by ransomware, the impact can be devastating,” said to Craig Young, security researcher for Tripwire.

“In some cases, ransomware victims do not gain access to their files even after paying the ransom. It’s much more effective to protect your business against infections than to take action after you’ve been attacked.”

Young has identified the following five crucial steps online retailers can take to protect themselves from ransomware:

1. Stay up-to-date

Keep plug-in software, especially shopping carts and blogging components, up-to-date at all times. As soon as a patch for a software vulnerability becomes available, cybercriminals have the information they need to start exploiting any systems that have not yet been updated.

2. Avoid single point failure

Make sure Web servers are not the sole repository for the website’s source code, data and security certificates. Keeping this content in a source code revision tracking system ensures that a Web server does not become a single point of failure. In the event of a ransomware attack, the owner does not risk losing the intellectual property contained in the website source code.

3. Replicate

Regularly replicate data files and databases so that the system can be easily restored on a fresh server in the event of a cyberattack.

4. Go for a minimalist approach

Minimise the software applications and services on production Web servers; it should not be used as a workstation. Ideally, nothing should be stored in home directories except for basic configuration files. This limits the potential risk for data loss.

5. Back it up

Various online services like Amazon Glacier and Iron Mountain provide the ability to back up important data and can be used to recover it in the event of catastrophic loss. Alternately, the use of virtualised servers updated with snapshots of key data that occurs at regular intervals minimises the risk posed by cybercriminals.

How much do you know about hackers and viruses? Try our quiz!

Duncan Macrae

Duncan MacRae is former editor and now a contributor to TechWeekEurope. He previously edited Computer Business Review's print/digital magazines and CBR Online, as well as Arabian Computer News in the UAE.

Recent Posts

Google Jarvis AI Extension Leaked On Chrome Store

Seemingly accidental leak reveals Google is developing Jarvis AI extension that can browse the web…

1 day ago

Amazon Mulls New Multi-Billion Dollar Investment In Anthropic – Report

Amazon is reportedly in talks to pump billions of dollars more into AI start-up Anthropic,…

1 day ago

FTX’s Caroline Ellison Begins Her Two Year Prison Sentence

Star witness for the US prosecution of FTX founder Sam Bankman-Fried, has begun her two…

1 day ago

More Layoffs For iRobot Staff After Abandoned Amazon Deal

After axing 31 percent of its workforce when it failed to be acquired by Amazon,…

2 days ago

Mozilla Foundation Confirms Layoffs, Eliminates Advocacy Division

Mozilla Foundation axes 30 percent of its staff, and is eliminating its Advocacy Division that…

2 days ago

Google To Make MFA Mandatory Next Year

Improving security. Mandatory multi-factor authentication (MFA) is coming to the Google Cloud by the end…

2 days ago