Hackers often use a variety of methods to get access to a telecommunication company’s critical data needed for normal day-to-day operations such as a database file, encrypt this data with a password such that the data can no longer be usable in its current form, then demand a ransom to be paid for the company to get a password for decryption of the data. Because of how important the data is to the company, and how its unavailability can impact on the customers that depend on their services, the companies would usually have no option than make the ransom payments. Hackers often demand these payments be made in cryptocurrencies like Bitcoin, so as to make it difficult or even impossible to trace.
Hackers often target data and services that will affect the company’s reputational damage, such that it becomes cheaper to pay the ransom than take any alternative approach towards recovering the data or services that have been compromised.
It is recommended that companies that depend on some key data keep a backup of the data in a different data centre such that any compromise on data held at one centre will not leave them without critical data that they need to operate. The backup should be updated each time there is a change on the master file. In the event that the data in the master file is encrypted by attackers, restoring from a backup would help avoid paying any ransom.
As important as it is to have a trusted backup, it is more important to find ways to keep attackers from even getting access to the files. Softwares and antivirus programs must be up to date so that there would not be any loopholes hackers can take advantage of to get access to critical data.
Employees must be educated on how to detect and avoid phishing pages, emails and links.
Access to critical data must be limited only to those who need them.
Every account that has access to critical data must have strong passwords and a password change must be forced at every interval.