Ransomware has been around for about a decade. But it still is a concern for many CIO’s, IT managers and business executives. Ransomware is a type of malicious code/software that threatens to either publish the victim’s data or withhold access to recovering files until a Ransom is paid. The actual malicious code/software is typically delivered via email or web URL.
It used to be that the criminals would target Fortune 500 or Blue Chip companies, hospitals, government(s) and academic institutions. We have experienced the attacks being targeted to almost all companies and institutions, big and small. In a recently published article that I read, they said that over 200,000 Windows computers have been affected (at least published). Our thinking is that number is significantly higher if we include all the firms that have not publicly reported the attacks.
To help out with your defense against Ransomware, we have the following list:
- Educate your staff, especially non-IT departments and describe good email and browsing rules. Building a security culture in your firm can bring lots of positive results.
- Since a large number of the attacks come from email, maybe tag all external mail with a header. e. The e-mail below is from an external source. Please do not open attachments or click links from an unknown or suspicious origin.
- Update and patch software. Desktop level patching is critical.
- Install anti-virus software. And make sure to enforce use and updates for all users.
- Create a backup. Remember that 50% of corporate data lives outside the datacenter. Make sure to address backing up those sources (desktops and laptops, remote NAS or server)
- If you get infected, disconnect. Turn the computer off. Ransomware proliferates through a system, the quicker you disconnect, the less damage you will sustain.
Don’t let your first experience with Bitcoin be a Ransomware incident. We have some really effective solutions that can help reduce the risk of Ransomware. Our engineering staff definitely like to share their knowledge.