How to avoid a CryptoLocker attack

Given that between 60% and 90% of organisations fail after a security breach or data loss – and with plenty in the news about CryptoLocker attacks and GDPR fines – it’s never been more important for SME owners to make sure sensitive company data is stored somewhere safe.

By protecting your data, you’ll not only minimise the level of damage if you were to become the victim of a cyber-attack, but also enable rapid recovery in the event of a power outage or natural disaster, for example.

Not all back-up solutions are made equal

If you are storing a large amount of data, it’s vital that you are taking adequate precautions to keep the information safe – in order to do so, it’s important to know which product is right for you and your business.

One option is to choose a system to which the storage media that the back-ups are saved on, is continuously connected. Known commonly as replication, this method is probably the easiest – and quickest – solution to restore your systems in times of a crisis. This technique also reduces the amount of data altered between back-up windows.

However, it’s worth mentioning that it’s also the most susceptible to a cyber-attack. Why? If your server or PC becomes infected and the back-up media is uninterruptedly attached to the same machine, there’s a simple path for the crypto to pass through, meaning your back-up data itself can easily be compromised.

How do I protect myself from a cyber-attack?

A correctly configured programme will take a snapshot of your system at a set time each day, and send the information directly on to tape, cloud or disconnected storage. Whilst restoring from this type of back-up can be slower, the safety blanket it provides is invaluable – as it’s impossible to be compromised by a CryptoLocker attack.

If you’re worried whether your current back-up solution is CryptoLocker safe, our team of highly-skilled IT experts at Q2Q can offer help and advice, as well as state-of-the-art back-up and replication services which can be tailored to you and your business. We’ve included below our top tips for keeping your data safe.

1. Use third-party anti-spam scanning to reduce email threats
2. Be vigilant with unknown emails or suspicious documents on USB sticks
3. Never download attachments from unknown senders or sources
4. All machines should be running up to date Anti-Virus
5. Backup data should be stored outside of the server, such as on removable drives or the cloud
6. Have a documented disaster recovery process in place to help speed up recovery if the worst does happen
7. Test the backups to ensure they work – and you know how long it will take to recover your files
8. Where possible, restrict remote access to specific staff during set hours
9. Shared folders should have tightened permissions
10. Remove or disable any old user accounts