Ransomware: How its moved the I.T. security goalposts

May 17, 2017 |

Ransomware

As the fallout from the “Wannacrypt” outbreak continues, the harsh reality is that the issue of cyber security is once again at the front of the agenda with and ransomware now the top security concern worldwide. A new approach to security is needed and a multi layered approach needs to be taken in preventing data loss to your business.

What is ransomware?

mean man

Ransomware is a sophisticated piece of malware that blocks the victim’s access to his/her files, and the only way to regain access to the files is to pay a ransom. Ransomware targets both businesses and home users.

How do ransomware infections happen?
  1. Initially, the victim receives an email which includes a malicious link or a malware-laden attachment. Alternatively, the infection can originate from a malicious website that delivers a security exploit to create a backdoor on the victim’s PC by using a vulnerable software from the system.
  2. If the victim clicks on the link or downloads and opens the attachment, a downloader (payload) will be placed on the affected PC.
  3. The downloader uses a list of domains or C&C servers controlled by cyber criminals to download the ransomware program on the system.
  4. The contacted C&C server responds by sending back the requested data.
  5. The malware then encrypts the entire hard disk content, personal files, and sensitive information. Everything, including data stored in cloud accounts (Google Drive, Dropbox) synced on the PC. It can also encrypt data on other computers connected to the local network.
  6. A warning pops up on the screen with instructions on how to pay for the decryption key.
How can we prevent it?

safety first

Unfortunately, there is not a one size fits all magic bullet available and as SME’s we need to rethink our approach to combating it and to have contingency’s in place if or when it does hit.

A new managed approach needs to be taken to layer our security against these new threats.

If you would like to speak to A to Z Computers on how you can improve your security and limit your exposure to data loss, feel free to give us a call on 056 7712918 or email us at info@atozcomputers.ie We can arrange for you to have a free security audit of your business.

 

What is Ransomware and how to protect your business against it.

August 23, 2016 |

Ransomware is a form of malware typically installed in a system through a malicious email attachment or visiting a malicious website. Once the ransomware infection has access to a computer system, it will then proceed to encrypt all data it can see on that system, and on any accessible network drives.  This means that one user can open an innocuous looking email attachment, and inadvertently allow Ransomware to encrypt the entire Server/PC data for your business within minutes.

The only option for getting your data unencrypted at this point will be to pay a hefty ransom to the cyber criminals who carried out the attack.

The threat of Ransomware has increased significantly in recent months, with reports of numerous businesses in Ireland being targeted. There are
however a few important steps which can be taken to help prevent Ransomware attacks on your business.

  1. Backups, Backups and more Backups

By far and away the most important step is to ensure you and your business have up to date and working backups of your data. This data should be stored offsite and not on the same network as your machines, or the backup itself could also be compromised. An effective online backup is the best defence your business can have against Ransomware. In the event of an attack, data from (at worst) the previous day can be restored and your business can carry on as normal.

  1. Anti-Virus Software and Windows updates

Many (not all) Ransomware infections can be detected by up to date Anti-virus software preventing and attack taking place.  Ensuring all the latest updates for Windows are installed is also vital to shore up any potential security holes in your operating system the Ransomware may try to exploit. Similarly, running an up to date version of Windows is essential: If you are still running Windows XP for instance, you are asking for trouble!

  1. Educating staff around email and internet usage

Ransomware can only access a computer network if it is “allowed” to, i.e. someone opens an attachment from a suspicious source which results in all company data on the Server becoming encrypted. There are a few simple rules to follow for all users:

  • Do not open e-mail attachments from senders you do not know
  • Do not click on links in e-mails from senders you do not know
  • Check for misspelled domains (e.g. .rncom instead of microsoft.com)and bad spelling in e-mails
  • Do not open any .zip attachments unless you are 100% expecting such an email
  • Do not click on internet pop-up ads

By following the steps above you can go a long way towards protecting your business from Ransomware.  If you want any further information on Ransomware or I.T. security in general please call A to Z on 056 7712918 or email info@atozcomputers.ie and we will be happy to help.