We covered “Email Phishing” last week, and a threat that is commonly found in conjunction with email phishing is “Ransomware”. Ransomware is a type of malware designed to encrypt the data on an infected machine and deny access to it. Most of the time a “ransom” is demanded in exchange for the decryption key, hence the name.
Many of the protections against infection fall along the lines of not falling for email phishing, so the same precautions that protect you there also protect you from ransomware.
There are two types of ransomware: fake and real.
Fake ransomware isn’t really ransomware, but it uses the same scare tactic. It is commonly encountered while browsing the web: a page sounds alarms and plays over your speakers “VIRUS DETECTED, YOUR DATA IS AT RISK, CALL THIS NUMBER”. It plays on our tendency to panic. Always close the browser when one of these pops up. Never click anywhere inside the page itself; the “Close” or “Scan now” buttons are part of the scam and can lead to a malware download. Use only the browser window’s own controls (or the taskbar) to close it, and if you can’t, or want to be extra safe, just restart your computer.
Real ransomware is devastating to company infrastructure, and your IT team should focus on isolating infected systems as soon as possible to limit the damage: disconnect them from the network so the encryption cannot spread to file shares and other hosts. Once data has been encrypted with a properly implemented cipher, there is no practical way to recover it without the key, so the adage “An ounce of prevention is worth a pound of cure” really comes into its own.
So, aside from preventing ransomware from arriving via a phishing email, what else can you do to protect your infrastructure?
In case of ransomware: Have backups and a plan
Make sure you have a business continuity plan, an incident response plan, and an IT regimen. If ransomware hits, it hits. The same type of encryption that protects your data from being sniffed by others is the type of encryption the attackers use to deny you access to it, which is why “cracking” the encryption is not a recovery option. Having a good IT regimen to keep systems up to date is key to prevention. Having a plan to get things up and running again is key to limiting the loss from ransomware. Have a backup. Have a backup of the backup, and keep at least one copy offline or otherwise unreachable from the network, because ransomware that can reach a mounted backup share will encrypt that too. Test the restore regularly; a backup that has never been restored is only a hope.
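As an added example (not from the original post), here is a small POSIX shell script that puts the “have a backup, and test it” advice into practice: it archives a directory, records a SHA-256 checksum so a later overwrite (for instance by ransomware that reached the backup share) is detected, and performs a test restore into a scratch directory and compares it with the original. The sample files it backs up are constructed inline; it assumes tar, sha256sum, diff and mktemp are available.

```shell
#!/bin/sh
# Backup, verify and test-restore helper (added example; assumes POSIX sh,
# tar, sha256sum, diff and mktemp).

# backup_dir SRC DEST_DIR NAME
#   Archive the tree under SRC as DEST_DIR/NAME.tar and record its SHA-256.
backup_dir() {
  src=$1; dest=$2; name=$3
  mkdir -p "$dest"
  tar -C "$src" -cf "$dest/$name.tar" .
  sha256sum "$dest/$name.tar" | cut -d' ' -f1 > "$dest/$name.tar.sha256"
}

# verify_backup DEST_DIR NAME
#   Fail (non-zero) if the archive no longer matches the checksum recorded at
#   backup time, e.g. because it was overwritten or encrypted in place.
verify_backup() {
  dest=$1; name=$2
  recorded=$(cat "$dest/$name.tar.sha256")
  actual=$(sha256sum "$dest/$name.tar" | cut -d' ' -f1)
  [ "$recorded" = "$actual" ]
}

# restore_test SRC DEST_DIR NAME
#   Restore the archive into a scratch directory and diff it against SRC.
restore_test() {
  src=$1; dest=$2; name=$3
  scratch=$(mktemp -d)
  tar -C "$scratch" -xf "$dest/$name.tar"
  diff -r "$src" "$scratch"
  rc=$?
  rm -rf "$scratch"
  return $rc
}

# demo: constructed sample data, full cycle, then a simulated overwrite of the
#   backup (what ransomware does to a reachable backup share). Returns 0 only
#   if the good backup passes every check and the tampered one is caught.
demo() {
  work=$(mktemp -d)
  mkdir -p "$work/data/docs"
  printf 'quarterly report\n' > "$work/data/docs/report.txt"   # constructed
  printf 'payroll 2020\n'     > "$work/data/payroll.csv"       # constructed

  backup_dir   "$work/data" "$work/backup" nightly || { rm -rf "$work"; return 1; }
  verify_backup "$work/backup" nightly             || { rm -rf "$work"; return 1; }
  restore_test "$work/data" "$work/backup" nightly || { rm -rf "$work"; return 1; }

  # Simulate ransomware reaching the backup: the archive is replaced in place.
  printf 'ENCRYPTED' > "$work/backup/nightly.tar"
  if verify_backup "$work/backup" nightly; then
    rm -rf "$work"; return 1      # tampering went unnoticed: that is a failure
  fi
  rm -rf "$work"
  return 0
}

demo && echo "backup created, verified, test-restored; tampered copy detected"
```

The checksum only tells you a copy is bad; it does not make it good. That is why the verified archive must then be moved somewhere the production network cannot write to (offline media, a write-once bucket, a separate account), and why the restore test should be repeated on that offline copy, not just on the one sitting next to the source.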
Make sure you have trained your staff on basic cyber security practices.
While John Doe might have good intentions when he clicks the email saying he’s “won a million dollars”, he most certainly doesn’t realize the threat he poses to the computer he’s using and any devices connected to it. Education is key to preventing malware like ransomware from ever appearing on your employees’ computers. With so many of us working from home at this time, it’s extra critical to have cyber-smart workers: at home they won’t have the penetration-tested devices, cloud-based systems and security measures most companies have calibrated for the equipment used in the main office.
Make sure you’ve patched up vulnerabilities and have performed penetration testing.
It’s always better to find a vulnerability yourself and patch it before it can be used against you. Checking your network for holes is key to keeping the business running and safe. Stay vigilant.
The U.S. Government recommends that you DO NOT pay the ransom.
There’s no guarantee that you’ll get what you paid for. Paying encourages this criminal behavior and can even mark you as a target for future attacks. These incidents should also be reported to law enforcement as soon as they happen; law enforcement can even provide assistance with the response.