How to protect yourself from ransomware

User education is the best preventive
Tim Howard

The incidence of ransomware – a form of malware that locks a computer, encrypts your files and intimidates victims into paying a ransom – is growing like a hurricane.

According to the FBI, ransomware is highly profitable, with scammers earning an estimated $27 million in just two months in late 2013.

Even with every prevention method in place, there is no guarantee that you will not get a ransomware virus. The virus is typically contracted from an infected website, through an advertisement, a link within an email, or something similar. Because users are the ones who typically contract the virus, we recommend that you include user education as a prevention method.


Here are five points on which to educate your employees today:

1. Do not use unprotected computers: When you are accessing sensitive data, make sure you are on a secure device. You need the protection that is provided by your company’s secured network. A personal computer may not be protected or, worse, may already be infected.

2. Be cautious with suspicious emails and links: They can compromise your computer without you ever knowing it. A popular email scam is the UPS or FedEx copycat email. Do not click on these email links – a safer solution is to go directly to the company’s website to research your shipment tracking.

3. Don’t plug in personal devices without the OK from IT: Don’t plug in personal devices, such as USBs, MP3 players and smartphones without permission from IT. Even a brand new iPod or USB flash drive could be infected with a nasty virus.

4. Don’t install unauthorized programs on your work computer: Malicious applications often pose as legitimate programs, like games, tools or even antivirus software. They aim to fool you into infecting your computer or network. If you like an application and think it will be useful, contact your IT admin to look into it for you.

5. Scams to steal confidential information: Don’t respond to emails requesting confidential information – bad guys are successful because they are convincing. Report any suspicious activity to IT.


As for your IT administrator, here are five things you should make sure he or she has implemented:

1. Keep regular backups of your important files: If you can, store your backups offline, for example in a safe-deposit box, where they can't be affected in the event of an attack on your active files.

2. Use an anti-virus, and keep it up to date: As far as we can see, many of the current victims of the CryptoLocker ransomware were already infected with malware that they could have removed some time ago, thus preventing not only the CryptoLocker attack, but also any of the damage done by that earlier malware.

3. Keep your operating system and all software up to date with patches: This lessens the chance of malware sneaking onto your computer unnoticed through security holes. The CryptoLocker authors didn't need to use fancy intrusion techniques in their malware because they used other malware, which had already broken in, to open the door for them.

4. Review the access control settings on any network shares you have, whether at home or at work: Don't grant yourself or anyone else write access to files that you only need to read. Don't grant yourself any access at all to files that you don't need to see – that stops malware seeing and stealing them, too.

5. Don't give administrative privileges to your user accounts: Privileged accounts can "reach out" much further and more destructively both on your own hard disk and across the network. Malware that runs as administrator can do much more damage, and be much harder to get rid of, than malware running as a regular user.

You may be surprised to know that 40 percent of companies are unable to recover data from tape due to unreliable/faulty media. That is why you should be testing your backup and recovery process to ensure it is working, and can actually be implemented when you need it. If you do get this type of virus, your backup solution may be the only thing you have to get your files back without paying the ransom.

Remember, end-users are frequently the weakest link in data security. Not only do they need initial training, but constant awareness.

Tim Howard, president and CEO of RMON Networks, Plaistow and Laconia, can be reached through