Ransomware is becoming more common due to the success the creators are enjoying due to the improvement of their methods. What were once simple text-based phishing emails are becoming very realistic looking “corporate” fakes. The newer generation of malicious coders creates very realistic looking content that includes corporate logos and some real information from the company’s website to make their content more believable. At the same time, they are becoming more skilled at bypassing in-place security methods. Not every attack can be stopped, but the vast majority can be thwarted by following a few recommendations.
Start with an antivirus software on every computer and server on your network. Although different antivirus packages each have their strengths and weaknesses, most known threats are recognized by most antivirus software. Don’t let your company get infected by a well-known threat by having unprotected computers on your network.
Users having local admin rights on computers makes them more vulnerable to ransomware. A user lacking access to install the ransomware may be enough to stop malware from installing. Some malware may still be able to find a way around this, but for the most part, it is still a good habit to have computers secured against users installing any software, malicious or not.
Block most known ransomware at the firewall. NextGen firewalls can identify malicious code as it attempts to travel thru the firewall.
Many attacks can be stopped right on the firewall and will never reach the LAN or the end-user.
Many email services today offer some built-in spam/malware filtering. Additional pre-filtering does catch more spam and malware than the ‘built-in’ style filtering included in your email service/server. Several options such as SpamTitan exist for pre-filtering spam and malicious email content before it even reaches your email server or service.
To say that user training is the most important part of your security arsenal is an understatement.
Although technology companies offer great solutions to protect your systems, new attacks that are unknown can bypass these systems. User behavior is still THE best way to stop a new attack. Have your users trained by professionals who can teach them some of the methods we use to identify malware.
Employee response testing – Test your users regularly to make sure they are able to identify threats and phishing schemes and know what to do when they receive a suspicious-looking email. ITecs offers test campaigns that send users test spam messages to see how they react. Reports are generated so that management can identify users who click on the links instead of reporting the spam so that they can receive further training.
Even with all the best tools in your security arsenal, infections happen every day. Having good offsite/offline backups is the best solution to protect against damage from ransomware. Having good backups means you not only get your data back on your own schedule, you also get it back for free. Just wipe the infected systems and restore from backups. Ransomware attacks work by encrypting the files. This means the files still have to be decrypted once the ransom is paid, and it can take hours or even days to get all your files back.
The worst part is not knowing how long this will take. Restoration from backups is usually faster, and if you’ve been testing restores, then you already know how long it will take to recover your files.
With all these precautions in place, your company can survive almost any malware attack. The more of them that can be put in place, even if not all, still improve the chance that your company will recover without paying a ransom.
Cloud computing has been around for quite a while but it took some years before it became part of everyday language. Starting out it might have seemed too esoteric for many companies, but it's hard to imagine our current technological world without the cloud.
On average, it takes 100 days for ransomware or malware to be detected with traditional network security systems due to their inadequate visibility and limited ability to analyze advanced threats. A lot of damage can occur over 100 days. Due to the advanced programming of EDR, the 100-day average of detecting ransomware or malware drastically drops to just a matter of hours or even minutes.
iTecs is your IT solution for your business’s remote and onsite managed IT service needs. iTecs has the expertise to guide and consult with businesses regarding which technology and services are necessary to run quickly and efficiently. After consulting with you on the technology needs of your business, iTecs will procure and employ the programs, then monitor and provide maintenance, such as patch management and updates, and be on top of any issue within the system if it were to occur. It should not be the responsibility of your business to be an expert in IT. Instead of worrying about becoming the best in IT to protect your business, gain peace of mind by outsourcing your IT needs to the best MSP by partnering with iTecs. We do what we do best, so you can focus on being the best in your industry and taking your business to the next level.