The following post was co-authored by Robert Belk and Michael Mendoza.
Ransomware is one of the biggest and most dangerous threats in 2016, with infections hitting home computers, businesses, hospitals, and now mobile devices and even Macintosh computers. So what is this threat exactly?
Ransomware is malicious software that encrypts the files on your device as well as any files you have access to on the network. These files are then inaccessible until a ransom is paid to the attacker or the files are restored from an offline backup. The threat isn’t merely malicious code that may slow network functions. Rather, it is an active attack from a malicious individual or group who can significantly disrupt or bring your network operations to a halt.
Ransomware is on the rise, and it is becoming easier for attackers to infect victims. Infections can occur through several different means, and those means are evolving. Ransomware can be distributed via email attachments, through removable USB drives, or simply when a user visits a compromised website.
Below are several tips to help protect against these threats:
- Make sure all important files throughout the business network are backed up regularly and kept offline (i.e., in the cloud), out of reach of the devices and network shares an infection can encrypt. In the event of a breach, this is the best and lowest-cost method to restore access to the files.
- Ensure a strong anti-spam solution is in place, and never open attachments from unknown senders, or unexpected attachments or links from known senders. Cybercriminals will sometimes spoof emails to appear as if they are from someone you trust, or send them from other compromised accounts they have gained access to.
- Be very cautious when opening files with extensions such as .exe, .vbs, and .scr.
- Keep operating systems, browsers, antivirus, and other third-party software up-to-date with vendor patches/updates.
- Use robust business-grade antivirus software on all endpoints. We recommend Kaspersky Endpoint Security.
- Network monitoring and advanced tools are also available. These include Next Generation Firewalls (NGFW) and improved management tools for privileged accounts, which are a leading intrusion entry point.
What to Do If You Suspect an Infection
If you suspect an infection has occurred, disconnect the offending computer or device from the network immediately and contact Synetra promptly to begin triage and remediation. We can also provide follow-up on solutions that can help you manage future risk.
Protect Your Technology with Synetra
Synetra is a full-service Information Technology provider, with offerings spanning security, networking, structured cabling, DR/back-up and managed services. We can help you secure your most business-critical files and ready your network to protect itself against the growing threat of ransomware. We’re here to answer any questions you may have.