The best ways for ransomware protection
In light of some fairly public instances of ransomware being experienced across the globe in 2018; we thought we’d put our two cents for methods for ransomware protection of your IT infrastructure.
Well documented ransomware attacks in 2018
Before we get into it, a good starting point is to outline a couple of these highly publicised cases of ransomware running rampant.
The City of Atlanta encountered mass file encryption in late March because of a ransomware variant named SamSam. Reportedly infecting at least 5 of 13 departments – some city services used pen and paper; while others were out completely.
This included online services like customer facing and payment portals and court related documentation systems.
Systems were still limited and files still being recovered from backup 10 days after the attack. By the middle of April; the ransomware event cost the city in excess of US$2.6 million.
During the same time period (28th March); a Boeing production plant located on the US east coast reported that it was hit will WannaCry. That’s right; the same WannaCry that became one of the largest, worldwide ransomware attacks in 2017. 150 countries around the world reported cases of WannaCry. Hospitals in the UK were infected which added a life threatening (and foul play) element as well.
Boeing apparently had over 700 automated assembly tools succumb to WannaCry on the South Carolina plant.
Now that we’ve covered these two examples of ransomware attacks in the recent months; we’ll get to the main point of this article which is ransomware protection!
Methods that help with ransomware protection your business can use.
Patch anything and everything
Vulnerabilities within computer systems (via software and hardware) are a favorite target of the ‘black hats’ that are behind ransomware and malware attacks.
Making sure that all software packages, operating system updates and hardware drivers are up to date is a pretty simple (but sometimes time consuming) task.
Software and applications like web browsers, anti-virus, adobe flash player and java are common on most machines.
If prompted to install updates, or have the option to configure update automatically – do so. The more popular or well known the software or operating system; the more likely that it’s a target of ransomware.
Invest in solid security software and hardware
Mentioning security software, the first thing that comes to mind is anti-virus. However; there are other software packages and solutions available to protect against cyber threats.
Another well known security solution is the trusty old firewall. Using software and hardware firewalls can help lock down network access and reduce the possible entry points and back doors or open windows (no not the operating systems) for unauthorised ‘visitors’ to get through.
E-mail is also a common way that ransomware leaks through the cracks. Usually a malicious link within the e-mail or an attachment that users can click on to kick things off. This is why it’s important to have a sturdy spam filter and live scanning process that checks all incoming mail.
Show hidden files and file extensions
One way that ransomware frequently arrives is in a file that is named with a common extension like .pdf or .exe. This method counts on Window’s default behavior of hiding known file-extensions. If you re-enable the ability to see the full file-extension, it can be easier to spot suspicious files.
Encrypted files also have their file extension changed. Just being able to see file extensions; the chances of seeing abnormal files on a system are higher.
Perform regular backups of your data
To discourage the ransomware industry; the theory that no payment of ransom (usually in some form of cryptocurrency like Bitcoin or Ripple) should be made. If no one paid the ransom; no one will bother with attacking systems with ransomware.
Therefore; for this to be even a remote option for a business; there needs to be a viable alternative. This is where having backups of all critical data comes into play for better ransomware protection.
By having multiple copies of the most important data available; the chances of being able to restore uninfected data back without having to decrypt anything is high. However; a backup strategy should make sure that the copies of the data:
- Have an ‘air-gap‘ between them
- Are located in different physical and geographical locations
This is where Test My Backups comes in…
Our team know the techniques for ransomware protection; through the use of best practice backup strategies. We’ve got an excellent record of assisting businesses of all sizes that have encountered a ransomware infection through our managed backup service.
As a result of reading this article you wish to know if we’re able to help? Send us the details of your situation and we’ll let you know.