The threat of ransomware is a scary reality for businesses of all sizes and industries - planning for the inevitable attack is essential. Awareness is key, and if you’re here reading this you are off to a good start. Let’s talk about what measures businesses can and SHOULD take to prevent a ransomware attack – after all, why make it easy for a hacker to hack?
Phishing Emails: DON’T CLICK THE LINK!
You know the link, the one that is being sent to you by someone you sort of know, or a co-worker who sent an email with context that feels a little off? These are Phishing Emails, likely being sent to you from another email address that has been compromised.
Becoming a victim of a Phishing Email campaign will allow a C&C Server (Command & Control) to send whatever scripts or exploits it wants. Its goal is to act “silently” so the user doesn’t become aware their device is under the control of a nefarious entity controlling a few dozen (yes, DOZEN) computers from afar – much like a puppet master.
Story Time
Ransomware is typically used as a backup plan; in case the device is discovered to be running malware. So, what does that look like in real life?
A couple of years ago I had a user reach out saying their computer was running slow and loaded with pop-ups. I had them save anything important to a USB drive. Then I installed Malwarebytes - before I could even start the scan a window popped up in BOLD RED, “Ooops, your files have been encrypted!” – there it was folks, Ransomware.
The success of this story was we backed up everything they felt was important, so I was able to completely wipe the drive and install a new OS. Problem solved!
Preventing This from Happing to You
There are six key things you can do personally and professionally to avoid a Ransomware attack:
1
Be wary of emails from unverified sources. You can check by communicating directly with the purported sender to confirm whether they sent the messages.
2
Such social engineering tricks can lead to the download of ransomware. Be wary of websites that prompt you to enter any information, such as CAPTCHA code as this can be linked to a script that executes a ransomware attack.
3
Prevention is always better than the cure! Automated, daily backups is one of the best things you can do to protect your data. Being locked out of your system is never ideal, but knowing your data is preserved in a recent backup turns this from a disaster to an inconvenience.
4
Updating your software to the latest and greatest is always a good idea, especially when it comes to security. In fact, most updates rolled out are security-focused with hopes of mitigating vulnerability exploits.
5
Security solutions like Webroot or Proofpoint can block malicious websites, harmful links, social engineering tactics, and email compromises. Webroot and Proofpoint are professional-grade tools designed specifically for businesses; however, we also recommend that you use similar consumer-grade tools for your personal devices.
6
Train yourself and your staff to better identify malicious attempts. Education is the best form of protection you can implement in your organization. “Bad Actors” rarely infiltrate businesses through direct approach – instead they generally gain access by employees clicking a link and opening the door to let them in.
Do you know where your company stands when it comes to cybersecurity? Vista IT Group can review your security posture and help implement ways to mitigate vulnerabilities. Contact us if you would like assistance, we’re glad to help!
What’s Next?
To round out this series, the next blog will talk about what to do if you become infected with Ransomware and get locked out of your data. Do you pay the ransom or cut your losses?
