Do these 3 things right now to prevent ransomware on your systems!

Put simply, ransomware works by encrypting your hard drive and any device connected to your computers. This makes all of your files inaccessible, and you will see text documents in every folder with instructions on how to pay the ransom to get your files decrypted.

A fun fact about ransomware is that in 2020 the attacks increased by 130%. If you break down that number, 81% of the total infected are enterprises, and 62% of those enterprises are small to medium-sized businesses that don’t have sophisticated cybersecurity measures.

I won’t go into depth on the obvious things, like: don’t use outdated software such as Windows 7 and older, make sure everything is up to date, and be sure you have a good anti-virus solution. However, if you do those 3 things right away, it will greatly reduce the chances of getting your systems hijacked by hackers.

How to Spot a Phishing Email!

  1. Most of the time the hackers gain access to the system from a phishing email where the user willingly gives the hacker their access credentials.
  2. Check the email address! If the email is legit, it should come from the domain associated with said company. For example: an email from Best Buy will come from BESTBUY.COM and NOT info@infobestbuy.to or bestbuyinfo@yahoo.com or bestbuy@htpshfs.website. Typing the domain (the part after the @) into the browser to see if it takes you to the actual website or not is a good quick test of legitimacy, but it is not entirely foolproof and could result in system infection.
  3. Check for obvious grammar mistakes. In case you aren’t aware of this, the hackers are normally not fluent in the English language.
  4. If it seems questionable that they would need your login information, it probably is. Check everything ten times before giving anyone login credentials. If you entered your password somewhere and instantly regretted it, change your password ASAP!
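
The sender-domain check from step 2 can be automated. The sketch below is an added example, not part of the original article: it classifies a From: header against the domains a brand is expected to send from. The allow-list, the free-mail list and the function names are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumed allow-list: the domains each brand really sends mail from.
TRUSTED = {"best buy": {"bestbuy.com"}}
# Free-mail providers a retailer would not use for official mail (partial list).
FREEMAIL = {"yahoo.com", "gmail.com", "outlook.com", "hotmail.com"}


def sender_domain(from_header):
    """Return the lower-cased domain of a From: header, or "" if there is none."""
    _, addr = parseaddr(from_header)
    _, at, domain = addr.rpartition("@")
    return domain.lower().rstrip(".") if at else ""


def is_trusted(domain, trusted):
    """Exact match or true subdomain; the leading dot stops 'infobestbuy.com'."""
    return any(domain == t or domain.endswith("." + t) for t in trusted)


def check_sender(from_header, brand):
    """Classify the sender of a message that claims to come from `brand`."""
    domain = sender_domain(from_header)
    if not domain:
        return "suspicious: no sender address"
    if is_trusted(domain, TRUSTED[brand.lower()]):
        return "ok"
    if domain in FREEMAIL:
        return "suspicious: free-mail provider"
    # Brand name embedded in a domain the brand does not own.
    if brand.lower().replace(" ", "") in domain.replace("-", ""):
        return "suspicious: look-alike domain"
    return "suspicious: unrelated domain"


if __name__ == "__main__":
    # The first and last headers are constructed; the other three are the
    # article's own examples of bad senders.
    for header in [
        "Best Buy <offers@bestbuy.com>",
        "info@infobestbuy.to",
        "bestbuyinfo@yahoo.com",
        "bestbuy@htpshfs.website",
        "Best Buy <deals@bestbuy.com.mail-login.example>",
    ]:
        print(f"{header:50} {check_sender(header, 'Best Buy')}")
```

The From: header can itself be forged, so an "ok" result only means the address is not an obvious impostor; the other checks in this list still apply.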

 

Keep your backups on the Network/Cloud NOT local USB hard drives

  1. Although backing up data to a local drive might seem like an easy way to stay protected, ransomware will encrypt your backup files, making them useless without paying the hackers for the encryption key.
  2. Storing your files on a network shared drive such as Network Attached Storage (NAS) or a file server will safeguard your backed-up data from MOST ransomware attacks. I say most because, as hackers become more and more sophisticated, ransomware could affect network devices as well if they are not protected with passwords.
  3. Store your backup on the cloud. Although you can restore individual files, most people do not store system images to the cloud.  Ransomware can damage system files which would require a system state restore from the image.  Having an image of your server or workstation somewhere safe on the network or an external disk that is only plugged in while the backup is performed and is rotated out is the most effective way to recover from a ransomware attack.

Limit what everyone, including you, can do on their computers.

Being on a domain such as Microsoft Azure or a local domain prevents users from installing software or executing malicious programs on their machines. For this exact reason, when setting up a user on a workgroup it is a good idea to limit account permissions instead of allowing admin access. With limited permissions, the system prompts for administrative rights before any elevated action can be performed (such as access to encrypt files).

There are multiple things that can be done to further prevent ransomware attacks, such as packet filtering at the firewall level, spam filtering through 3rd-party cloud-based services, and machine-learning network security solutions that track code execution and other suspicious activities through endpoint agents across all devices on the network. Along with staff training, these can go a long way in malware prevention.

If your organization is in need of a security assessment to determine whether your backups, firewall and security software are properly configured to reduce the chance your organization might be the next victim of a cyber attack, please contact AlphaCIS for help! We perform penetration testing (Pen Test) and network scans for misconfigurations and proper security settings, along with providing you a detailed list of all of your network assets in an infrastructure map. This document can be given to any Managed IT Services provider in order to provide you with the best support possible and give you the peace of mind that your systems are secure. If your business is located in Metro Atlanta or the surrounding areas, please contact us for a quick discovery phone call with an engineer.