Did you know that a company is hit with ransomware every 40 seconds? It’s true. In fact, ransomware dominates the world of security and has throughout all of 2017. Not only that, while attacks on businesses are increasing, the level of sophistication in distribution of the attacks have grown as well. Compliance mandates further complicate the issue and increase the cost of ransomware attacks. Since no one industry or company size is immune, it’s time to wake up and take notice.
What is ransomware?
Ransomware is malware that infects computers, networks, and services. The main goal of a ransomware attack is to shut your company down and get you to pay electronically and quickly. Perpetrators are not so concerned with your data or intellectual property. They want to get in, get paid, and get out fast.
What are the stages of a ransomware attack?
Stage 1: Installation
A victim opens an email attachment containing malicious malware or visits a website that has been compromised.
Stage 2: Contacts Server
The malware contacts the perpetrator’s server.
Stage 3: Encryption
Malware encrypts victim’s files making them unreadable.
Stage 4: Extortion
A message appears on the victim’s computer and displays a ransom notice. Ransom notices include: amount to be paid, payment deadline, and requirement to use electronic currency.
How can companies protect their people and systems from a ransomware attack?
Awareness and Training
First and foremost, make your employees aware of the threat that email, the Internet, and social media pose. Education about potential threats and methods for inadvertent engagement in a ransomware attack is vital. Hire a consultant or managed service provider to deliver a cyber security class to your entire company.
Create a separate network for social media and news sites. This assures that no cross contamination can occur between sensitive company data and un-secure sites.
Update Patches Constantly
Company software and third-party software need to be updated on weekly and sometimes daily basis. Perpetrators search for ways to infiltrate software. When they find a hole, they attack. Companies who develop proprietary software are constantly releasing patches to mitigate these attacks. These patches are your first line of defense against a malware attack.
It is important to automate the updates for your company’s anti-virus and anti-malware software. This assure your defenses are current and that you don’t miss an update.
Manage Privileged Accounts
Privileged accounts should be one of your company’s biggest concerns. A privileged account or administrator account typically controls access to all of the software and hardware inside your network environment. In order to manage these accounts wisely, it is important to have a password management strategy.
Implement Principal of Least Privilege
The principal of least privilege gives individuals access to only the privileges that are essential to their job function. All other access is denied protecting the company from unauthorized access or accidental software or malware downloads.
Implement Software Restriction Policies
A Software Restriction Policy(SRP) is a group-policy based feature that identifies software programs running on computers in a network and controls the ability of those programs to run. SRP’s are trust policies with administrator set regulations to restrict scripts and other code that it is not fully trusted from running.
Back Up, Back Up, Back Up
Routine backups of critical data are essential to every company’s cyber defense strategy. When someone has been infected, backups are often the best way to recover critical data.
Additional Ways to Protect a Network Environment1
- Use complex passwords or pass phrases.
- Do NOT use passwords for multiple accounts.
- Use two factor authentications.
- Examine information you have made public.
- Evaluate security and privacy settings.
- Back-up your information on something not connected to the internet or your network.
- Use multiple email accounts.
- Rigorously monitor your credit or freeze your credit.
- Educate yourself, your family, and your employees on changing threats.
- Don’t send money to anyone you’ve never met.
- Make sure you have updated antivirus software on your computer
- Enable automated patches for your devices.
- Only download software from sites you know and trust.
- Don’t open attachments in unsolicited e-mails even if you know the person.
- Never click on a URL contained in an unsolicited e-mail, even if you think it looks safe. Rather close out the e-mail and go to the organizations website directly.
- Use the same precautions on your mobile phone as you would on your computer when using the Internet.
Black Label IT Further Recommends:
- Advanced threat protection spam filtering
- Next generation security products that stop ransomeware i.e., Sophos, Intercept X
- Sandboxing technology which detonates potential malware in controlled environments
- Disaster preparedness plan
For more information about securing your network environment, give the team at Black Label IT a call. We specialize in helping small businesses monitor and manage their IT network as well as mitigate their digital risks.
We offer a FREE no-risk network assessment. Give us a call today.
1Resource: Adam Karcher, Special Agent FBI, Cyber Squad Philadelphia