How To save Your Business from Ransomware
Introduction
Ransomware is alive and well in cyberspace. In fact, the Cryptolocker family of ransomware is a multi-billion dollar underground business.
Do you know that crime syndicates have created a Crime-as-a-Service (CaaS) industry that distributes malware services to wannabe criminals that come complete with dashboards to track infection rates as well as full technical support! Guess what one of their best sellers is? You guessed it—ransomware.
Ransomware such as Cryptolocker, is mainly distributed through SPAM email attacks containing infected links or attachments and drive-by-download attacks where a visitor is redirected to an infected website that automatically downloads the virus onto the victim’s computer.
Businesses should be particularly wary because if the user has access to network resources, ransomware can find its way to the server, encrypting files on the hard drives and shutting down the entire network.
Once a system is infected, victims must either pay the ransom to get the decryption key that will unlock their files or risk losing access to their files forever. Even the FBI has suggested that paying the ransom is the only way to out of this mess!
Right now, there is no magic bullet
Cyber-criminals are master programmers with expertise that rivals the best technical minds in the private and government sectors. In fact, detection rates for this type of malware are extremely low.
Still, there are a few things that you can do to protect yourself and your business:
- Backup your systems frequently.
- Prohibit users from running their workstations as administrators to avoid exposing their PC and the network to viruses and other threats. If someone needs to be an administrator, they should have a separate account for that purpose. If they have to perform an administrative task, they can use Run as administrator to start programs using their admin credentials. Make sure they revert back to their normal user account after they’re done.
- Keep all systems, including third party programs, updated with the latest patches. The reason Microsoft puts out so many updates is because they’re closing vulnerabilities that they’ve found. Most third party software vendors do the same.
- Don’t open or click on any links in an email unless the source is absolutely trusted.
- Be careful of the websites you access. Drive-by-attacks, as mentioned above are increasing.
Taking the above steps will help you avoid getting infected but by no means will they guarantee that you or your business won’t become a ransomware victim. There are just too many variables to guarantee anything like that.
How to save your business from ransomware
The best way to fight ransomware and protect your business is to install an image-based Business Continuity solution that will allow you to quickly restore your system to a version prior to infection. If you make frequent backups, you’ll greatly minimize data loss should the files on your server(s) and high-value workstations become encrypted.
A full Business Continuity solution will have an onsite device that will take an image or picture of your system and allow you to instantly switch-over server operations to that device if your actual server becomes compromised. System images will also be simultaneously saved to the cloud for added protection. Your company can then operate business-as-usual with little or no downtime using the last uncompromised system snapshot while your server is being cleaned and prepped.
Doing this one thing will free you from the scourge of ransomware, save you tons of money in payments to criminals, and give you, the business owner, peace of mind knowing that you’ve taken the very best action to protect your livelihood and those of your employees.
Warning: do not think for one minute that data backup is just as good as an image-based Business Continuity solution. Although cheaper, data backup’s typical time-to-recovery when a server becomes completely compromised is measured in days to weeks versus minutes-to-hours for an image-based Business Continuity solution.
XSolutions is a Managed Services Provider (MSP) and provides 24/7/365 remote monitoring, scheduled workstation and server maintenance, Help Desk Services, Business Continuity Solutions, Cloud & Hosted Services and IT Consulting. Call us at (845) 362-9675 and see how we can help your company.