Ever since WannaCry, everyone has known just how dangerous ransomware can be, but they keep getting hit – do you know how ransomware can penetrate your defenses? Nexgentec’s Marcel Manning appeared on News 13 to talk ransomware and how to defend against it.
You’ve probably heard a lot about ransomware and other cybercrime threats. It’s easy to hype up the doom and gloom about cybercrime – fear is often a great motivator. But at a certain point, it’s probably turned into background noise, right? You hear so much about types of threats that you get numb to it. Here’s a reminder of just how real cybercrime is – Lake City just shelled out nearly 500,000 to hackers so they could get their data back. And here in Florida, they’re not alone. The Riviera Beach City Council just had to pay $600,000 for access to their data after a similar attack. In light of this growing rate of ransomware attacks in Florida, our very own Marcel Manning recently appeared on News 13 to talk about the threat, and what businesses can do to protect themselves.
Watch Marcel Manning on News 13 Here
“People are affected by ransomware on a daily basis,” said Marcel. “We don’t even see normal viruses, hardly ever. What we’re seeing more is ransomware. People are getting infected.”
Before exploring how you can protect yourself, let’s make sure we’re all on the same page…
What Is Ransomware?
In a ransomware attack, a hacker gains access to an organization’s computer systems. Typically, an unsuspecting employee clicks on an emailed attachment that appears to be a bill or other official document. In actuality, the attachment installs a malicious software program (malware) onto the computer system. Once embedded, the malware allows a hacker to access critical systems, often giving complete remote control data and access.
3 Ways Ransomware Infect Your Systems
Phishing is a hacking technique that “fishes” for victims by sending them deceptive emails. Virtually anyone on the internet has seen a phishing attack. Phishing attacks are mass emails that request confidential information or credentials under pretenses, link to malicious websites or include malware as an attachment. With only a surprisingly small amount of information, cybercriminals can convincingly pose as business members and superiors in order to persuade employees to give them money, data or crucial information.
- Out Of Date Hardware
Did you know that one of the most common ways that cybercriminals get into a network is through loopholes in popular software, applications, and programs?
Despite how advanced modern software is, it is still designed by humans, and the fact is that humans make mistakes. Due to this, much of the software you rely on to get work done every day could have flaws — or “exploits” — that leave you vulnerable to security breaches. Many of the most common malware and viruses used by cybercriminals today are based on exploiting those programming flaws; to address this, developers regularly release software patches and updates to fix those flaws and protect the users. This is why it’s imperative that you keep your applications and systems up to date. Unfortunately, most users find updates to be tedious and time-consuming and often opt to just click “Remind Me Later” instead of sitting through an often-inconvenient update process. Comprehensive and regular patch management is a crucial part of proper IT security. Some of the worst data breaches are based on “zero-day exploits”, which are based on exploits found by hackers but not by the developers, leading to severe security risks and an immediate need for patching.
- Unused Systems
You can’t forget about that old desktop you have in the corner of the office that no one uses. Not only is it taking up space – it’s also putting you at risk.
Forgotten hardware doesn’t get patched, updated or included in the deployment of new security technology, but it’s still connected to your network, right? That’s what makes it such a great target for hackers. This type of hardware needs to either be removed from the network entirely or kept up to date and secured along with the rest of your infrastructure.
The #1 Best Way To Defend Against Ransomware
The best way to keep your data safe is to simply have it backed up, to a separate location, on a regular basis. By storing a complete and up to date copy of your data that’s separate from your local systems, it doesn’t matter if your onsite data gets encrypted by ransomware. You can simply wipe it all and recover your data from the backup. The problem is that most people don’t have a recent backup or any backup at all. That makes them a perfect target for ransomware.
“These local governments, if they’re telling you that they’re affected by ransomware and paying the ransom, then they don’t have a backup. Because if they had a backup, they’d have their data and would be back up and running. So basically they’re telling you they aren’t doing their job,” said Marcel.
But that’s not all – ideally, you can keep ransomware out of your systems in the first place…
8 More Tips To Protect Against Ransomware
Be sure to follow these tips, which are applicable to organizations, employees and individual computer users:
- Enlist expert support from a cybersecurity company to ensure you’re kept safe by a trained team.
- All software, firmware and operating systems should be patched on desktop and digital devices (including smartphones, tablets, and laptops). A centralized network patch management system can make the coordination of these efforts easier in large organizations.
- Confirm that anti-malware and antivirus settings are deployed to automate all updates and to continually conduct system and device scans.
- Have very clear access and authorization procedures in place. Do not provide administrative access to employees unless absolutely necessary. Administrator accounts should be used sparingly.
- Access controls should be configured so that shared permissions for directories, files and networks are restricted. The default settings should be “read-only” access to essential files, with limited permissions for write access to critical files and directories.
- Train your staff to ask themselves these key questions before opening an email:
- Do I know the sender of this email?
- Does it make sense that it was sent to me?
- Can I verify that the attached link or PDF is safe?
- Does the email threaten to close my accounts or cancel my cards if I don’t provide information?
- Is this email really from someone I trust or does it just look like someone I trust? What can I do to verify?
- Does anything seem “off” about this email, its contents or sender?
- Macro scripts in office should be disabled when sent over email.
- Software restriction policies should be created or other controls implemented that prevent the execution, especially in the common locations where ransomware lurks, such as temporary folders used by the most common web browsers.
If you’re not sure about how to ensure your protection against ransomware and other cybercrime threats, then don’t try “fake it ’till you make it”.
Be sure to consult an IT company if you’re unsure as to the state of your business’ ransomware contingencies.
Like this article? Check out the following blogs to learn more:
Microsoft Accounts Targeted For Months, Hackers Serve A Security Reminder
Essential List of Cybersecurity Terms to Know in 2019
Microsoft Data Breach Highlights Need for MSP Collaboration and Security