Introduction
Ransomware, Reyptson, Leakerlocker. These are all terms for some of the most common threats to your IT systems.
Before we start getting into the nitty gritty – IT security is a bit like building insurance. There’s rarely a need or want to consider the unthinkable scenarios, like if your house were to burn down, but there is a chance it will happen.
The same used to be true for IT security – it was fairly low risk. But that has all changed.
Why is this? Because Ransomware is spreading and damaging many businesses. You only hear about the large security breaches on the news, but if you ask 10 business associates if they’ve encountered a threat, it’s almost a sure thing one of them has.
To be brief, what does the virus actually do?
It usually infects a PC in the form of a malicious email attachment. The mail attachment looks just like a normal PDF which could be disguised as an invoice/purchased order.
Once it has been opened, the virus will then encrypt all word/excel/pdfs/pictures on the infected PC. Rendering the files useless.
Then, it will search for network drives and go after files stored centrally on any servers you may have, wreaking havoc on shared network drives and departmental files.
Finally, it will display a message on the infected system stating if you pay a “ransom” then you can have access back to your files. The truth is – if you pay, you are not guaranteed anything and may end up in a worse situation, as the software will capture credit card details.
Prevention is better than cure.
4 key steps for any business to reduce the risk of Ransomware:
1. Raise awareness among staff
Make staff aware of the threat of files and links from within emails. They might even look to come from a trusted source. If you are not expecting an attachment, then beware.
Common sense is key – if you don’t know the person sending the attachment or link, then don’t click it.
If you are unsure, ask your IT provider to inspect the link or attachment.
2. Server-side protection, GPO’s
GPO stands for Group Policy Object – your internal IT department or provider should be deploying a set of group policies on your internal servers that restrict the virus’s ability to spread to the network.
3. Email Spam filter
Does your email system have a spam filter? Probably – but does it inspect attachments on emails?
Possibly not – make sure you have an email protection system in place that can do the job in the background.
It’s a bit like a firewall for emails, inspecting all emails incoming and outgoing for malicious viruses.
4. Check that backups are actually working
If you do get hit by the Crypto-locker, the process for recovery is to use your backup system.
99.9% of all backup solutions will send a notification to the IT department/provider to let them know if a backup has been successful or unsuccessful.
However, the vast majority of IT professionals will not actually test to see if you can successfully restore files from a “working” backup service.
Get them to check this now, and on a monthly basis.
As a bonus step, you should plan routine security audits of your IT systems by an outside source to ensure your systems are secure. To get started with a security audit, reach out to us here.
Get in touch with us
Secutor Cybersecurity is a trusted partner comprised of industry leading experts in the fields of Cybersecurity and Governance, Risk and Compliance. We partner with our clients to deliver on-demand solutions tailored to expertly navigate the regulatory demands of their specific industries.
Our proven track record of successfully exceeding client expectations is achieved through the combination of our methodical approach, advanced technologies, subject matter experts, and synergy with client team members.
Secutor is your team of world-class problem solvers with vast expertise and experience delivering complete solutions keeping your organization protected, audit-ready, and running smoothly.