When major organizations like the BBC, NHS, & many more are affected by malware on their servers; it begs the question – who is safe? After all, aren’t these some of the biggest organizations in the world? Surely, they can afford the best-of-the-best in anti-virus programs?
First, we need to analyze what these attacks achieve and use, then we can look at how to combat it.
Is there a difference between Malware & Ransomware?
The short answer: No. Ransomware is a type of malware.
The longer answer: Malware is: software that is intended to damage or disable computers and computer systems. Ransomware is a type of malware that results in encrypting a user’s data, then demands payment in exchange for unlocking the data.
Another form of ransomware is simply where the hackers’ block normal access to the user’s system. Malware also includes, viruses, worms, or Trojans, spyware, rootkits, and more.
Why Don’t Traditional Cybersecurity methods work?
Computer virus writers, and cybercriminals have one simple objective. Distribution.
They want to ensure that their virus, worm, or Trojan infects as many computers, servers, and mobile phones as possible. This maximizes their malware penetration.
The creator of the malware will often take steps to ensure that AV programs do not detect that a system has been penetrated. This ensures longevity of the malware; resulting in the most possible damage and effect.
It will often also result in an unsuspecting user paying their demands to ‘fix’ the problem.
What can be done?
There are some very simple, effective ways to prevent cyberattacks on your computer system.
The downtime of the NHS in England, earlier this year, is an example we all want to avoid. Full IT system shutdown had to be performed to prevent the spread of the attack.
With companies as large as those previously mentioned being affected, some of the best advice is often the simplest:
- Regular updates of your software and firmware is crucial. At least once a week will ensure that you’re best protected.
- Ensure you have a firewall, utilize DDoS protection services.
- Ensure remote access (such as FTP) is minimal where possible; and secured.
- Use security tools that are provided with your web server software, and more.
If you’re tech-savvy there are many systems you can put in place like server hardening, or encryption. But for those of you who aren’t tech-savvy; you don’t need to worry! There are plenty of pros out there who will assist you in setting up, installing, and maintaining the security of your server.
One final thing that can be done is to be vigilant. Pay attention to and stay up-to-date with web hosting industry news and cyber security news. This is a simple and effective way to anticipate your future needs and the security of your server.