As the fallout from the “Wannacrypt” outbreak continues, the harsh reality is that the issue of cyber security is once again at the front of the agenda with and ransomware now the top security concern worldwide. A new approach to security is needed and a multi layered approach needs to be taken in preventing data loss to your business.
What is ransomware?
Ransomware is a sophisticated piece of malware that blocks the victim’s access to his/her files, and the only way to regain access to the files is to pay a ransom. Ransomware targets both businesses and home users.
How do ransomware infections happen?
- Initially, the victim receives an email which includes a malicious link or a malware-laden attachment. Alternatively, the infection can originate from a malicious website that delivers a security exploit to create a backdoor on the victim’s PC by using a vulnerable software from the system.
- If the victim clicks on the link or downloads and opens the attachment, a downloader (payload) will be placed on the affected PC.
- The downloader uses a list of domains or C&C servers controlled by cyber criminals to download the ransomware program on the system.
- The contacted C&C server responds by sending back the requested data.
- The malware then encrypts the entire hard disk content, personal files, and sensitive information. Everything, including data stored in cloud accounts (Google Drive, Dropbox) synced on the PC. It can also encrypt data on other computers connected to the local network.
- A warning pops up on the screen with instructions on how to pay for the decryption key.
How can we prevent it?
- Install and use an up-to-date antivirus solution (such as ESET Anti-Virus).
- Make sure your systems are being regularly patched with windows updates.
- Avoid clicking on links or opening attachments or emails from people you don’t know or companies you don’t do business with.
- Where possible have a pop-up blocker running in your web browser.
- Regularly backup your important files.
- Educate your staff on opening attachments and clicking on links “think before you click”
- Have disaster recovery plan or business continuity plan in place.
- Update internal security procedures such as staff opening personal mail on business computers.
Unfortunately, there is not a one size fits all magic bullet available and as SME’s we need to rethink our approach to combating it and to have contingency’s in place if or when it does hit.
A new managed approach needs to be taken to layer our security against these new threats.
If you would like to speak to A to Z Computers on how you can improve your security and limit your exposure to data loss, feel free to give us a call on 056 7712918 or email us at firstname.lastname@example.org We can arrange for you to have a free security audit of your business.