If ransomware is not at the top of the list of things to worry about in your day-to-day business operations, it definitely should be. The risk of being infected grows every day as attackers become more aggressive in creating and deploying ransomware, feeding a lucrative cyber-crime industry.
As a business, how do you protect yourself against this growing threat?
- The first and probably most important thing to do is to educate the users of devices on your network. As much as your IT guy can try to design the perfect network, an uneducated user can ruin the entire system. Educate users to treat suspicious emails with caution: review the domain name of the email and the signature, and look for spelling mistakes. Never click on any link unless you are 100% sure of its validity.
- Do not put all your eggs in one basket when it comes to network security; take a multi-layered approach. Make sure the network perimeter or gateway has an intelligent intrusion prevention system, and keep anti-virus and anti-spyware software up to date. Never adopt a single point of failure in any IT network project.
- BACKUP AND TEST, BACKUP AND TEST, BACKUP AND TEST. I cannot stress this point enough: backups are extremely important, and testing those backups is just as important. Having an effective backup and recovery strategy could be the only way that you can recover your data without having to pay a ransom. So again, BACKUP AND TEST, BACKUP AND TEST!
- Due to the complex nature of our IT environments, IT departments find themselves managing a mixture of endpoints: phones, laptops etc. These endpoints are at risk if they don’t have the right anti-malware/anti-virus software on them and if they are not regularly updated. Some users even turn the protection off, sacrificing safety for speed.
- Attackers are continuously exploiting vulnerabilities they find in the applications you install on your machines as well as in the operating system of those machines. Software vendors continuously deploy updates to patch known vulnerabilities in their software, so it is important that you stay up to date on all your systems, and wherever possible it is wise to enable automatic updates.
- Once an attack is initiated, the ransomware will try to spread to as many endpoints as possible. To limit the spread, IT departments can segment the network by keeping critical apps on a separate network or by creating VLANs.
- Never brush off suspicious-looking files or emails; quarantine them and analyse them before deploying or opening them. Sandboxing is a technology that allows you to move suspicious files to quarantine for analysis before you deploy them on the network. If the file is found to be malicious, you can take preventative measures against follow-on attacks by blocking the file as well as the IP address that it originated from.
- I am a massive iPhone fan, but that does not in any way play into this next point. All devices that connect to your network and run Google's Android OS have become a prime target for ransomware attacks, with thousands of new attack types reported daily. Ensure your IT department takes the necessary steps to protect your Android smartphones.
Ransomware has become the bane of the IT community, with attacks on the rise and businesses not educated enough to take the necessary steps to protect themselves. Call IT Services specializes in network security, backup and disaster recovery management. If you are uncertain of the state of your IT network, contact us at itservices@callitservices.co.za and make sure you are protected against this rising threat.