Ransomware

Ransomware infections are on the increase and the means to infect a target machine or network are getting more advanced.  Previously, ransomware attacks were delivered by an infected attachment in an email.  Ransomware attackers know users may have been taught not to open suspicious attachments.  Now they are using social engineering attacks to make the email more personal to reduce your defenses to open the attachment thinking the email attachment was legit because it came from someone you know or the CEO of the company.  

The cost to recover from a ransomware attack can be devastating to a company.  The cost in terms of the ransom demands, loss of revenue, downtime, data recovery, reputational damage, etc.  Proper planning and solutions are the best way to protect your company from a ransomware attack.

 

What is ransomware?  

Ransomware is a program that is installed on a user’s PC or Server that will encrypt specific types of files (documents, pictures, etc) or can encrypt the entire HDD which will not allow for the PC to boot.   

 

Am I at risk?

If you work from a PC or Mac, you are at risk.  

PCs are the most common devices to be infected but Mac and Linux systems are not immune to the risk.  As more Macs and Linux machines are being used, the more of a target they become to these risks.  Ransomware attackers will develop these tools to infect the largest number of devices and they will focus on the devices that are used most.

 

How do I protect myself?

The best way to protect yourself from a ransomware attack is to have a layered security solution.  First you will want to have a verified backup solution.  Be sure the solution is tested routinely as you do not want to be in a situation where you need to restore, and the back has been having errors or does not have the data in the back needed to be restored. Second, protecting your users from avenues of the attack.  For example, using content filtering at the router/edge device to filter the sites that may contain malware.  Also, you will want to implement a good spam filter to scan all attachments and emails with links for malware and remove any emails that may contain malware or links to sites that may have malware.  Next you will want to remove a user’s admin rights to their PC so that if a user does get access to malware/ransomware, they are not able to install the malware on his/her PC.  Also, you will want to have an effective antivirus solution on each PC to watch for any anomalies on the system.  Employee training is another important role of reducing your risk.  Being sure your employees are aware of the risks and how to respond to potential risks.  

 

How can we help?

We can assist with setting up these and other layered protections.  We have solutions to assist you with each level of security and protection to reduce the risk of ransomware on your business.  If you currently do not have a layered approach to your protection from not only ransomware but from other attacks as well, please give SunRiver IT Partners a call at (615) 646-2121 or by email atinfo@droidmunkey.com.