It’s all over the news; a global outbreak of advanced ransomware affecting Microsoft Operating Systems. The virus known as WannaCry, or Wanna Decryptor has been responsible for over 300,000 attacks in over 150 countries. To make matters worse, as systems get protected against the original threat, now there are copycat pieces of malware popping up all over the place. This is the character of tomorrow’s threat landscape. Global incidents like this underscore the tremendous importance of developing and maintaining an ongoing security strategy for your business.
Attacks like this usually enter an organization through email as an infected attachment, masquerading as something legitimate, which is accidentally executed by the user.
Ransomware viruses like this one are particularly damaging because they behave like a worm – after infecting and locking down one device, they continue to scan networks looking for more vulnerabilities (servers, desktops etc…) until they are stopped.
Keeping Your Business Safe from Ransomware
Effective security protection against complex attacks needs to be a multi-layered approach. The following controls—in combination—will offer the maximum protection for your business from this type of attack:
- Perimeter Firewalls: A strong perimeter firewall or unified threat management appliance is the primary means of preventing malware and viruses from infecting your systems. Make sure your systems are being protected at the perimeter.
- Email Security & Filtering: Filtering malicious attachments and executables blocks many of these attacks before they reach your users. Investing in good email security and content filtering is an important part of a comprehensive strategy.
- User Awareness: Users must be aware of malicious attachments and you should provide regular reminders about how to identify suspicious email. User awareness training will help your people feel part of the security strategy.
- Regular Patching: Your IT team or MSP must maintain a rigorous patching and upgrade schedule to ensure your systems are up to date, tested, and protected against known exploits.
- Backups: In the event of a ransomware infection, the reality is that the most effective way of recovering data is to restore from a secure backup. Your business needs a secure, cloud based backup solution to protect against data loss and ransomware.
Should You Pay the Ransom?
It’s important to realize that if you have a computer that is infected, paying the ransom is no guarantee that you will get your get files back. Having current and secure backups of your PCs and servers is an important step to protecting your company and your users from these kinds of invasive ransomware viruses.
Simple Instructions for End Users
Here are some simple tips and reminders that you can share with your organization to help protect against the growing number of ransomware and phishing scams.
DO NOT – open attachments you were not expecting
DO NOT – enable macros when prompted
DO NOT – click on unknown links in email
DO NOT – send your credentials (your username and password) to anyone
DO NOT – reply to any unknown messages
DO – examine the sender (name and email address) of all emails critically
DO – examine all links and attachments carefully for unusual characteristics
DO – confirm with senders if emails from known users are unexpected or unusual
DO – report suspicious emails to IT administrators