Businesses large and small are under threat from increasingly aggressive and brutal ransomware attacks. Loss of access to critical files, followed by a demand for payment, can cause massive disruption to an organization’s productivity.
Hacking is becoming easier while attackers are becoming more sophisticated in their approach. Exploit kits can be purchased for only a couple of hundred dollars on the internet. These kits make it simple for less tech-savvy criminals to initiate, complete and benefit from a ransomware attack.
There are multiple ways that a ransomware attack starts. Common techniques include:
Malicious Emails Today’s criminals are crafting emails that are indistinguishable from genuine ones. They are grammatically correct, with no spelling mistakes and often written in a way that is relevant to you and your business.
Poisoned Websites Another common way to get infected is by visiting a legitimate website that has been infected with an exploit kit. Even popular websites can be temporarily compromised. You browse to the hacked website and click on an innocent-looking link, hover over an ad or in many cases, just look at the page. That’s enough to download the ransomware file onto your computer and run it, often with no visible sign until after the damage is done.
Staying secure against ransomware isn’t just about having the latest security solutions. Good IT security practices, including regular training for employees, are essential components of every single security setup. Make sure you’re following these 10 best practices:
- Patch Early, Patch Often Malware that doesn’t come in via a document often relies on security bugs in popular applications, including Microsoft Office, your browser, Flash and more.
- Backup Regularly, Keep a Recent Backup Copy Off-Line and Off-Site There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands. Furthermore, a disaster recovery plan can cover the restoration of data and whole systems.
- Enable File Extensions The default Windows setting is to have file extensions disabled, meaning you have to rely on the file thumbnail to identify it. Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users, such as JavaScript.
- Open JavaScript (.JS) Files in Notepad This is advanced but an extremely effective solution. Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.
- Don’t Enable Macros in Document Attachments Received Via Email Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of infections rely on persuading you to turn macros back on, so don’t do it!
- Be Cautious about Unsolicited Attachments The crooks are relying on the dilemma you face knowing that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt, leave it out.
- Monitor Administrator Rights Constantly review administrator rights. Know who has them and remove those who do not need them.
- Stay Up-to-Date with New Security Features in Your Business Applications Other than new features with newer versions of software, they also come designed with security features such as blocking macros in Office applications.
- Regulate External Network Access Don’t leave ports exposed to the world. Lock down your organization’s remote access and other management protocols. Furthermore, use two-factor authentication whenever it is offered.
- Use Strong Passwords It sounds trivial, but it really isn’t. A weak and predictable password can give hackers access to your entire network in a matter of seconds. We recommend making them impersonal, at least 12 characters long, using a mix of upper and lower case and adding a sprinkle of random punctuation Ju5t.LiKETh1s!
To stop ransomware, you need to have effective and advanced protection in place at every stage of an attack: Firewalls with built-in active security, AntiVirus Software, a patching method for your computer(s), regular training of employees and, finally, a safe and secure backup solution to get your data back in the event of an attack. QCBN
By Theo Soumilas
Theo Soumilas is the owner of Northern Arizona IT servicing the Quad Cities and Northern Arizona.
For additional information or to schedule an appointment for a free assessment, call 928-719-7724 or visit northernazit.com.
Leave a Reply