What does all of this Ransomware in the news mean to us?

What does all of this Ransomware in the news mean to us?

Ransomware has been all over the news, especially the past couple of months.  The reports show how these attacks can cripple networks including critical infrastructure like airports, banks, power companies and large industrial manufacturers.  Ransomware is a category of malware that can encrypt your computer files until you pay a ransom to unlock them. 

The most recent ransomware (PetrWrap based on an older Petya variant) originated from malware called GoldenEye that released in December 2016.  As it evolves it becomes stronger and includes exploits leaked by hacker groups.  Components of variations come together to generate resilient malware.  Early last month there was a ransomware campaign (WannaCry) that reportedly used the Microsoft Windows exploit called EternalBlue stolen from the NSA’s cyber weapons toolkit that resulted in more than 200,000 attacks across 150 countries.  Tracking analysis from FortiGuard Labs shows an average of more than 4,000 ransomware attacks every day since January 1, 2016. 

As these attacks evolve, they include additional capabilities that make it easier to spread and also steal credentials – very sophisticated improvements to what was used a mere few weeks prior.  It’s getting harder to prepare for these attacks, but if you can, stop the entry point (often just one infected machine) or make sure your users know that time is of the essence and understand the basic steps they can take to avoid a misstep and thereby be a frontline of protection for your network.

User Education – The First Step to Stopping Ransomware

  1. Staff education.The most effective safeguard is user awareness as ransomware needs user interaction to be successful.Train users to spot and avoid or question
    • Phishing emails and spam
    • Embedded links to unknown websites
    • Suspicious attachments including documents, pictures or graphics received unexpectedly (even from a known person as their email account may have been compromised)
  2. Switch off email preview windows as this may trigger a ransomware download
  3. Follow ITs guidance on rebooting for patches and updates to latest versions of software to ensure all known weaknesses or vulnerabilities are addressed.
  4. Report any odd thing that happens on your device to your IT staff as soon as possible.Things can go very wrong in a very short period of time, make sure your IT administrative staff is involved right away.

Expedient Technology Solutions – Stress Free IT

We take the threat of ransomware very seriously for our Stress Free IT clients.  We maintain a regular routine patching of network systems, operating systems, software and firmware on all devices with our centralized management systems. We deploy and maintain intrusion protection systems, anti-virus, anti-malware and web filtering technologies with automatic scanning, regular data backup and encryption and scheduled testing of recovery processes to make sure everything is in working order.  We disable macro scripts in files transmitted via email.  And, we establish a business continuity and incident response strategy while conducting frequent vulnerability assessments.  More information on our blog post from May  Critical Cyber Security Threat - WannaCry

Managed IT services are only as good as the organization providing them.  Our goal is to prevent any problems before they cause data damage or loss, interruptions in your business operations and financial loss to your business.  We work to maximize your network’s speed, performance and the stability of your systems. 

If you would like to learn more about protecting your organization with our Stress Free IT managed IT solution, please call (937) 535-4300 and ask to speak to one of our IT Consultants.