The Reality of Ransomware - Part 2 of 2

 

-Last time we talked about what ransomware is and how it infects your files. Today, I would like to point out some security precautions and pro-active steps you and/or your business can take to help reduce or stop infection from ever occurring.

It can present its self in two ways.:

Let’s compare your network to a kingdom. The first point of security in any kingdom would be the walls. The materials used to make them, the techniques put into place while building them, how high they are, guards at the gate, guards on the wall, etc. This is first point of security to stop any outside threats. Much like the walls; your router is the first point of security. This is where every virus, ramsomware, hacker, etc has to get through first. If you have a weak one or one with no security at all, you can be exposed and easily targetable. A SonicWALL or any other firewall integrated router has security features and tools that help reduce or stop many attacks from happening. Now much like kingdom walls, if a spy wanted to get into the kingdom, it will. But it takes a lot more effort. The same goes with anything that tries to get in through a firewall. Your router is the walls to your network kingdom. Keep this in mind when deciding on what router to get when establishing a network. A good firewall is well worth the investment.

Now that we know to have good walls in place, let’s talk about what the citizens of your kingdom can do to mitigate the risk of infections.
First, there should be some sort of incident response plan. That is, what to do in response of an infection. For example, word gets out that the network has been compromised and every staff member knows to unplug their network cables to stop any potential spreading of the infection.
Second, there needs to be Anti-Virus/Anti-spam solutions on every machine in the network with daily scans running. This can definitely find and stop any potential threat before it releases its payload infecting your machine and potentially others as well.

Please note that free Anti-Virus programs are not a full protection solution and that you are still at risk when using these. Granted, you are more protected using a free one over nothing at all, but again a full anti-virus software is well worth the investment and the protection.

Some other things to keep in mind.
-Keep all systems patched
-Restrict internet access
-Provide social engineering and phishing training to employees.
-Remind users to close their browser when not in use. This also applies to any VPN software they are running as well.

At the end of the day, you want the confidence to know that you are doing everything in your power to protect yourself against all online threats. Talk to your IT department to get a plan of action for you and your staff in case of any emergency.

-Caleb Senechal, RawTec Service Manager