My 6 Steps for Protecting from Ransomware

INTRODUCTION:

I have recently attended a MSSP (Managed Security Service Provider) conference in Orlando FL. While the weather was warm it was a cold shock to see how much was truly going on in the hacking arena

Most people can do a better job of protecting themselves if they allow their IT Services provider or Cybersecurity provider do audits for security. Most fixes can be relatively inexpensive. Most cyber crime is committed because systems are more than 3 years without patching. Patches do not usually have a dollar value attached to them if you are under software maintenance.

Last year’s 2,453 reports of ransomware hackings totaled a reported loss of $24.1 million, making up nearly one-third of the complaints over the past decade. They also represented 41 percent of the $57.6 million in reported losses since 2005. Such losses are significantly higher than any paid ransoms because companies routinely include remediation costs, lost productivity, legal fees and sometimes even the price of lost data in their estimates.

Here are five tips to make yourself a less likely victim:

1 – Make safe, secure backups

Backups are the most critical thing anyone can do to stop ransomeware. Backups should be done every 15 minutes (Recovery Point Objective) and should also be held off site. Once your files are encrypted, it’s nearly always game over. Backups often are out of date and missing critical information.

Ransomware has become increasingly sophisticated and effective at separating users from the contents of their computers. For example, sometimes it targets backup files on an external drive. You should make multiple backups — to cloud services and using physical disk drives, at regular and frequent intervals.

2 – Update and patch system

One of our recent speakers stated that 99.3% of all viruses are caused by out-of-date system patches. Most compromised systems were more than 3 years out-of-date.

The recent samsam virus-like attack takes advantage of at least two security vulnerabilities on servers, including one discovered in 2007. Updating software will take care of some bad vulnerabilities. Browsers such as Chrome will automatically update behind the scenes, saving you the time and deterring hackers.

3 – Use antivirus software

It’s basic, but using antivirus will at least protect you from the most basic, well-known viruses by scanning your system against the known fingerprints of these viruses. Low-end criminals take advantage of less savvy users with such known viruses even though malware is constantly changing and antivirus is frequently days behind detecting it.

4 – Educate your workforce

It is worth have internal emails sent warning users when cybercrime is on the rise. Basic cyber hygiene such as ensuring workers don’t click on questionable links or open suspicious attachments can save headaches. System administrators should ensure that employees don’t have unnecessary access to parts of the network that aren’t critical to their work. This helps limit the spread of ransomware if hackers do get into your system.

5 – If hit, act fast

When hackers hit MedStar Health Inc., the hospital chain shut down its network as soon as it discovered ransomware on its systems. That action prevented the continued encryption — and possible loss — of more files. Hackers will sometimes encourage you to keep your computer on and attached to the network but don’t be fooled.

If you’re facing a ransom demand and are locked out of your files, law enforcement and cybersecurity experts discourage paying ransoms because it gives an incentive to hackers and pays for their future attacks. There’s also no guarantee all files will be restored. Many organizations without updated backups may decide regaining access to critical files, such as customer data, and avoiding public embarrassment is worth the cost.

6- Have a Security Audit

I preform lots of security audits during the year. I find the same things over and over again; bad backups, missing patches, bad anti-x software, no systems being monitored, lack of Web and Mail filtering, and no Intrusion Detection Systems. It is critical in today’s landscape to invest in protecting your valuable data.

CONCLUSION:

It goes without saying that bad things are going to happen, but don’t leave the door open when a few steps can avoid many issues.

  • Have a professional security audit
  • Have good backups and test them
  • Patch your systems
  • Have Anti-X, Mail filtering, and Web filtering platfoms
  • Educate
  • Act fast

Hackers are hoping most people have not taken the basic steps to protect themselves. Don’t be a victim!

a good resource with lots of data on cyber crime is the FBI