In September 2017, shipping company FedEx became the victim of a cyberattack. A virus attacked FedEx’s subsidiary, TNT Express, crippling its computer systems around the world. Although no data breach occurred, FedEx incurred losses amounting to $300 million.
Ransomware is one of the most malicious cyberattacks that could affect your organisations. Its impact depends on the severity of the virus. You could temporarily lose data, or it can damage your company’s reputation.
How Ransomware Attacks Your Database
Ransomware attacks come in a variety of ways, including:
- Phishing Attack
You receive an email with an infected attachment. Once you open the attachment, the ransomware will execute an attack on your database.
- Database Decryption
Attackers identify weaknesses in your network and encrypt files on your database. When you try to access the database, a pop-up message will appear and ask you for payment to decrypt the files.
What Can You Do?
Even if your database management system, like Microsoft SQL Server, offers stringent support against ransomware, it can only do so much. Database security is a multi-layered effort that requires not only your IT department but also your entire staff.
Here are measures you can take to protect your database:
- Back up your data to another location
Have backups of your data in locations that aren’t easily network-accessible. Consider backing up your files in secure cloud storage. Limit people who will have access to the backup location only with the IT department and upper management.
- Use admin credentials
Instead of using standard credentials for logging into a database server, assign admin credentials with multifactor authentication. Some organisations take a step further by separating their database domains so other production systems won’t be affected in case of an attack.
- Update your system
Keep your systems updated with the latest server patches. Encourage other departments in your organisation to update the devices that they use.
- Involve your team
Inform your team about the importance of data security. Communicate the impact of ransomware attacks on your business. Their daily activities — like accessing the database on an open Wi-Fi network or opening personal emails on a work device — could potentially undermine the business.
Include security measures in employee sessions and the onboarding process. Test their knowledge regularly and refresh them as needed.
- Train your organisation’s response to a ransomware attack
Create a manual that details how your team should respond to a ransomware attack. Give your employees a channel, like an emergency number, to alert their immediate supervisors or the IT team of suspicious activities.
Generate a variety of ransomware attacks that occur, including common ones like phishing attacks. List steps on what employees should do in case they encounter these attacks.
How Do You Respond to a Ransomware Infection?
In case your database is affected to a ransomware attack, here’s what you can do:
- Isolate the infected database. Separate your database from the rest of the network and disable all networking capabilities like Bluetooth and Wi-Fi.
- Turn off relevant devices. Shut down all infected devices and secure them in a central location.
- Secure your backups. Make sure that your backup location is secure and offline. Scan your backup data to ensure they’re free of ransomware.
Ransomware attacks affect your organisations in a variety of ways, most of them leading to losses. Boosting your database security and getting your employees involved is your last line of defence in any attacks you’re likely to have.