Most of you by now would have seen that the NHS and many other organisations around the world are infected with various encryption viruses. This has happened because one person on the inside has accidentally opened an email or clicked on a link in an email that they should not have. Then there is chaos!
Unfortunately, some of our clients have also been infected.
You must know this:
Ransomware is a very invasive form of malware and it has been around for many years, presenting a significant threat to your computer system. It infects your computer and network and encrypts your vital files and data, remaining an effective way for criminals to get what they want.
Ransomware is generally not targeted at any specific individual or organisation – it is opportunistic. Therefore, it’s important that every user is aware of this growing threat and know that ransomware is no different to other forms of blackmail and exploitation. It can take down or deface your website, lock a company out of its files using encryption and refuse to provide the unlock key unless victims pay a ransom.
Anyone with an email address or a web browser can be a victim of ransomware because it can be delivered via:
- Phishing emails
- Drive-by downloads
- Malvertising
What makes a ransomware author’s job easier in the Digital Age?
- Sophisticated encryption technology is widely available – legitimate encryption is easier these days.
- Anonymity – anonymous networks have made it a lot easier to obscure the path from the victim machine back to the server and ultimately the perpetrator.
Every computer user should consider the following preventative measures:
- Application control – one of the effective preventative measures is to closely manage devices and only allowing IT approved applications to run. It means that ransomware will not be able to execute unless it is specifically authorised and also it will effectively be blacklisted preventing its future invasion.
- Have a patch and remediation plan in place – make sure the automatic updates are turned on.
- User training and vigilance is essential – commonly, ransomware is delivered as a PDF, ZIP, or DOC file attached to a phishing email. Busy users are more likely to click on the attachments without a second thought but it is important to remember and not to click on any zip. attachment on an email or open a .pdf file from an unexpected or unknown sender.
- Surf safe and avoid visiting dubious websites that may have been corrupted to deliver malware. Secure browser configurations will also add to your security. Any settings related to third-party websites should be restrictive.
- Every business regardless of its size should have an automated backup with a retention policy in place. Data backup must be an integrated part of any enterprise. Removing Ransomware is hard so if you have an automated, managed and monitored backup in place you will be able to restore your data. If not then your choices are:
- Pay the ransom and hope that the offenders will enable you to recover your data and not attack you again,
- Or rebuild your affected computer from scratch and manually rebuild the system and data.
Having a preventative strategy in place can save your enterprise from financial loss and reputation damage. Maintaining up-to-date file backups is essential. Data backup should be an integrated part of your business, the best data backups are automated, managed and monitored and are fast to recover when the worst happens. Moreover, user training and education as well as ensuring device software is up to date all contribute to security.
If all else fails and you are infected disconnecting your computer from the network is a good first step towards recovery.
If you would like to obtain more information about how to improve your sensitive data safety, backup options for your business or any other IT related topics then please get in touch with me on 01522 797520 or info@octagontech.com.
Kamila
