Ransomware: How its moved the I.T. security goalposts

May 17, 2017 |

Ransomware

As the fallout from the “Wannacrypt” outbreak continues, the harsh reality is that the issue of cyber security is once again at the front of the agenda with and ransomware now the top security concern worldwide. A new approach to security is needed and a multi layered approach needs to be taken in preventing data loss to your business.

What is ransomware?

mean man

Ransomware is a sophisticated piece of malware that blocks the victim’s access to his/her files, and the only way to regain access to the files is to pay a ransom. Ransomware targets both businesses and home users.

How do ransomware infections happen?
  1. Initially, the victim receives an email which includes a malicious link or a malware-laden attachment. Alternatively, the infection can originate from a malicious website that delivers a security exploit to create a backdoor on the victim’s PC by using a vulnerable software from the system.
  2. If the victim clicks on the link or downloads and opens the attachment, a downloader (payload) will be placed on the affected PC.
  3. The downloader uses a list of domains or C&C servers controlled by cyber criminals to download the ransomware program on the system.
  4. The contacted C&C server responds by sending back the requested data.
  5. The malware then encrypts the entire hard disk content, personal files, and sensitive information. Everything, including data stored in cloud accounts (Google Drive, Dropbox) synced on the PC. It can also encrypt data on other computers connected to the local network.
  6. A warning pops up on the screen with instructions on how to pay for the decryption key.
How can we prevent it?

safety first

Unfortunately, there is not a one size fits all magic bullet available and as SME’s we need to rethink our approach to combating it and to have contingency’s in place if or when it does hit.

A new managed approach needs to be taken to layer our security against these new threats.

If you would like to speak to A to Z Computers on how you can improve your security and limit your exposure to data loss, feel free to give us a call on 056 7712918 or email us at info@atozcomputers.ie We can arrange for you to have a free security audit of your business.