Ransomware is malicious software that blocks access to your data and threatens to publish or delete it until you pay a ransom. Simple ransomware can make your system inaccessible in such a way that an experienced IT security person can often reverse the effects.
Recently, we have seen the rise of more sophisticated malware that encrypts files and demands a ransom payment to decrypt them in difficult-to0trace digital currencies, such as Bitcoin.
The ransomware attack Petwrap first occurred in December 2016 as a variant of the GoldenEye malware. While this specific ransomware started in Europe, it has quickly spread to the United States and requests a ransom equivalent to $300 (USD) in Bitcoin.
The Petya component of Petwrap allows the malware to remain viable on infected systems and attack the master boot record, while the EternalBlue component allows it to proliferate through a business. This malicious software is particularly aggressive and can spread rapidly throughout an organization, crippling the business.
As your managed IT service provider, TeamLogic is committed to helping your business stay secure.
Ransomware can cost a lot more than the requested ransom in terms of business disruption, downtime and recovery, unavailable data, inoperable devices and damaged reputation.
In addition to the security practices outlined in Protect Yourself With Basic Network Security Practices
, ensure you have the following safeguards and employee education training in place:
- Increase the frequency of complete system backups and always follow data back-up best practices to avoid paying ransoms, and to ensure you can recover using your backed-up data.
- Check system and network email security protocols more often than in the past, as no one knows the day or hour an attack will take place.
- Consider restricting peer-to-peer file sharing – a common way infections spread - on your network.
- Include ransomware in general planning for data breaches and add specifics for incident response.
- Decide in advance if, and how, your firm would pay ransom.
Ransomware attacks are typically carried out using a Trojan, which is a legitimate-looking file users are tricked into downloading or opening when it arrives as an email attachment.
A good defense strategy is to launch a Ransomware Employee Education Program that:
- Identifies suspicious email, which is often the main channel for attacks.
- Provides samples of ransom popups.
- Shows warning signs, such as missing file extensions or extensions such as “.crypted” or “.cryptor”.
- Directs employees not to "trust" a web page, access Facebook, or use messaging applications, such as WhatsApp, from a business device.
- Trains users to be aware of fraudulent e-mail messages that use names similar to popular services - for example, "PayePal" (instead of PayPal) or “LinkedEn” (instead of LinkedIn) - or use popular service names without commas or excessive characters.
- Teaches that when a PC is attacked, employees should disconnect from the internet, turn the computer off and notify the IT Backup Team.
If you find yourself the victim of a ransomware attack, do not pay the ransom. Call TeamLogic IT first, as there is often no evidence that hackers give files back even after a ransom is paid. As your technology advisor, TeamLogic IT is always available to discuss any concerns you have around your network security and computing environment.
TeamLogic IT has been named one of the top 50 managed service providers (MSPs) around the world, ranked 36 in the MSPmentor 501.
The MSPmentor 501 is a global ranking of leading MSPs and is the industry’s most trusted analysis of managed service providers. There’s a reason this is now our fourth year making the list – we are a trusted technology advisor to thousands of companies of all sizes across North America.
Since 2007, TeamLogic IT has become the 55th largest IT service provider globally. Our success is driven through one core mission - to leverage technology for our customers.Thousands of businesses across the US - just like yours here in Wilmington, NC - are taking advantage of our ability to deliver highly available, secure and flexible IT systems. At TeamLogic IT, our philosophy is simple - we work with you the way we'd want someone to work with us. Visit us today in the Port City at 2901 North Kerr Ave., 910-500-1392. If email works best for you, contact me personally at [email protected].