4May 2016
How to Avoid being a Victim of Ransomware
Orchestrated and targeted security attacks are on the rise. The bad guys are getting smarter, and richer. In the face of ever increasing cyber security threats, are you confident that your business systems are well protected? Here are a couple of things that can go a long way in avoiding being a victim:
- AntiSPAM & Threat Protection
- Use a reputable threat protection suite.
- Ensure all computers are updated regularly, routine scans are scheduled and real-time monitoring is enabled.
- Ideally, your threat protection suite includes behavior monitoring to prevent encrypting the data on server shares by unauthorized programs.
- While a fully functioning threat protection suite has been standard for some time, it is now becoming common for companies to employ a first line of defense at the firewall. Firewall technologies such as next generation Unified Threat Management protection for network, web, email, application and users. Stop attacks before they reach your computers.
- Ensure that any access points into your network are adequately protected.
- Any access points into the network such as Citrix, SharePoint, etc. should be scrutinized to ensure that they hold up to current best practices for threat prevention.
- Patch / Update Software
- Malware authors frequently rely on people running outdated software with known vulnerabilities, which they can exploit to silently get onto your system. It can significantly decrease the potential for ransomware-pain if you make a practice of updating your software often. Some vendors release security updates on a regular basis (Microsoft and Adobe both use the second Tuesday of the month), but there are often “out-of-band” or unscheduled updates in case of emergency. Centralized systems should be employed ensuring that critical and security updates are automatically distributed to all of your computers.
- Back up your data
- Plan for a quick recovery in the event of a disaster. If you are attacked with ransomware you may lose that document you started earlier this morning, but if you can restore your system to an earlier snapshot or restore your other lost documents from backup, you can rest easy. Remember that most ransomware will also encrypt files on drives that are mapped. This includes any external drives such as a USB thumb drive, as well as any network or cloud file stores that you have assigned a drive letter. You need a regular backup regimen that would not be compromised in the event of an attack.
- Security Awareness Training
- Employees should know what to be on the lookout for. They should be aware of what is safe to click on and what to avoid.
- Employees should also know to raise the alarm bell immediately if they suspect that their system has been compromised. Disconnect from WiFi or unplug from the network immediately and notify IT Support
Contact your IT department to ensure that you are doing everything possible to avoid the damaging effects of these attacks.
If you have any questions, please don’t hesitate to contact us. A few of the services we provide are:
- A security review of your systems.
- Security Awareness Training for your employees.