Malware And Ransomware Protection: Beating An Ever-Evolving Threat Through Employee Training

A graphic of a hacker which emphasises the importance of ransomware and malware for SMEs

Articles about malware and ransomware protection often focus on the technologies needed to defend your business. Indeed, this is the main focus of most IT-managed service providers (MSPs). An MSP will help you put in place anti-malware software and email antispam systems, for example. A growing number of businesses are also adopting proactive antivirus platforms that detect and prevent malware threats before they can cause harm to your devices. These proactive systems use algorithms to recognise suspicious behaviour and potential threats, rather than simply reactively scanning your systems for an infection that has already taken hold.

Your Employees: The Weakest Link and the Strongest Link

Despite this, however, many businesses fall down at the last line of defence – which is the user sitting at the computer. ‘Phishing’ attacks are increasingly common and complex, so all users need to understand the dangers and how much it could potentially cost their organisation.
The human part of a cyber security system is, unfortunately, often the weakest link. However, when your employees come to understand the dangers of clicking on suspicious links in emails and how clever phishing emails are, it will provide your business with greater all-round protection. Your employees then become the strongest link, actively identifying suspicious activity and reducing your overall threat level.

Malware and Ransomware Protection Best Practices

Most people are generally aware of the threat potential of spam emails, and some phishing attempts are laughably easy to spot. The bogus HSBC and HMRC emails, for example, are usually fairly transparent, as are the cryptocurrency requests from that relative stranded in Argentina or Nigeria.
However, many modern attempts are more sophisticated and are easy to overlook by busy employees clearing huge inboxes.
Recognising this threat and the ever-present risk of human fallibility, there are several best practices that every employee should follow to protect against malware:
  • Keep software updated to the latest versions: we recommend using a patching service or enabling automatic updates for your software systems, including your device OS, applications, and antivirus software to make sure you have the latest security patches.
  • Learn to recognise phishing attempts: be cautious about opening emails from unknown senders, even if they look legitimate. Look for common red flags such as misspellings, generic greetings, and urgent calls to action. Hover over all links to see the actual URL before clicking – if it looks suspicious, don’t click.
  • Use strong passwords that are difficult to guess: we recommend using a mix of letters, numbers, and symbols in all passwords, avoiding easily searchable information, such as personal or children’s birthdays, or common words.
  • Real-time data backup: if an attack does take place, it is essential to safeguard your data. We recommend a strong cloud backup service for all employees, even those working from home, to keep your business data safe from ransom requests and hardware failures.
  • Encourage cyber security awareness: enrol your employees in regular cyber security training to keep them informed about the latest threats and practical strategies for prevention.

Next Steps

At Vantage IT, we provide a bespoke training service to educate your employees about the dangers of phishing in emails, telephone calls (called phreaking – the ‘ph’ in these terms is a nod to 1990s hacker culture), and text messages (SMS and WhatsApp). The training consists of self-paced video content, followed by a questionnaire to help reinforce the learning, and then regular ‘test emails’ – simulated phishing attempts – throughout the year.
These emails are cleverly designed to look like genuine messages from legitimate organisations to tempt the user to click on links. If an employee does click on one of our test emails, they can have additional training as part of the service.
To find out more, please contact Vantage today by clicking here.

Image Source: Canva