Return to site

Protection against Ransomware

Yes, it starts with you!

· Security

As many of you know I talk about security and data availability more often than many people. The main reason for that is simply because these treats are real and now becoming common and complex each day. The only way to stop them is to think of ways to outsmart these buffoons who are creating these variants. The best defence starts with each of you. Today, I will explain in this blog few simple steps which every business can take to protect against these variants.

Most of us are aware of the damage Ransomware can do to any business but I meet some of those businesses every day who aren't aware of this threat at all. So here it goes for them;

Ransomware is malicious software that infects a computer and displays a message demanding a fee be paid in order for the system to work again.

With critical data and systems at risk of being held hostage – sometimes for ransom of thousands or tens of thousands of dollars – it is critical to protect your business from ransomware attacks.

Let’s learn first, How ransomware attacks initiated?

The important thing to understand is that ransomware does not just show up on a computer or servers or even large clusters. The victim actually (unknowingly) initiates a download of malicious software to the computer.

This means that if your employees are not aware of what to look for to identify a potential ransomware attack, your business is especially vulnerable.

Cybercriminals (who I call buffoons) are cunning in their methods and are skilled at tricking people into clicking on a link or downloading a file that may look legitimate. Tricks cybercriminals use to try to initiate a ransomware attack include sending emails that appear to be from:

A mail carrier, such as UPS or FedEx, stating that a package is being delivered to you and asks you to click on a linkSomeone in your contact list — possibly even a co-worker — that has a file attachedA vendor or service provider, with an invoice attachedA banking institution, like PayPal, asking you to click on a link

Once users click on the malicious link or attachment, the ransomware encrypts their data, locking people out of their files. A screen will appear, threatening to prevent further access to the files unless a ransom is paid.

To make matters more complicated, an employee could open a malicious file without immediately knowing it. The virus will download and be working in the background, but the computer lock and the demand for ransom may not occur until days or weeks later.

This makes it even harder for the victim to pinpoint what file or link could have triggered the ransomware. It’s also more difficult for the authorities to locate the criminals responsible.

Now How can you protecting your business from ransomware?

There are three primary ways to protect your business from ransomware attacks.

1) Employee training -- Because users must perform an action to trigger a ransomware download, employee training is critical to protect your business from ransomware attacks. Your IT team or vendor should provide regular training to help employees identify possible ransomware.

Tips for employees include:

Before clicking a link or opening a file, pause to ask yourself if it makes sense. If you get an email that appears to be from UPS but you’re not expecting a package, that should raise a red flag. Or if you receive an email that appears to be from someone in your contact list that you haven’t talked to in years and the message doesn’t make sense, don’t open the attachment. One way to identify a malicious email is to check the spelling of the sender’s email address. An email may come through to you looking like it’s from “UPS.” But if you click on the email address and it’s from “info@tups.com,” that should raise suspicion.If you receive a suspicious email, contact your IT department — only forward them the email if they ask you to. Then delete the email permanently from your Inbox and deleted items.

2) Back up files -- The best defense against ransomware is to outwit attackers by not being vulnerable to ransomware threats in the first place. This means backing up important data daily. This way, even if your computers and servers get encrypted, you won't be forced to pay to access your data again.

3) Detection software -- It’s also important to implement standard IT security measures. This could include technology to detect ransomware and other malware, and patching software security holes to prevent malicious software from infecting systems.

However, keep in mind that no security product is infallible. It is still the people who present the biggest risk factor when it comes to ransomware attacks, which is why employee awareness and training are so critical.

Summary

The tips provided here can help you considerably enhance your chances against these attacks. I always stress to start with backing ups first and than validate that your backups are also regularly exported in such a manner that the data is not directly accessible. By following these simple steps, you’ll be protecting your environment from these wide spreads attacks.

I work for Veeam as Systems Engineer, this blog article credit goes to Veeam. If you have any questions, feel to reach out or check us out at Veeam