Backup to be safe
A simple definition of Ransomware categorizes it as a type of malware that once infects a computer restricts access to the system in some way, and demands that the user pay some money to the malware operators to remove the restriction. Most of them systematically encrypt files on the system’s hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a Trojan, whose payload is disguised as a seemingly legitimate file. Ransomware, have been infecting computers since the 1980s. Today, however, the chances of being involved in a ransomware security breach—and the ransom amounts—are increasing.
This year have been a high increase on the ransomware attacks.
Ransomware infections have seen exponential growth in 2016, as security researchers report several different forms of ransomware including Crypto locker, Locky, TeslaCrypt, Petya and SamSam are utilizing craftier methods to attack machines and encrypt files before victims even realize what’s happened. Victims are then forced to either pay the ransom or hope they have a backup recent enough to spare them any lost data. Meanwhile, the time required to remove ransomware and restore lost files can prove costly as well.
Nobody is safe 100%, several different forms of ransomware has reared their ugly heads, taking captive millions of victims from small businesses to hospitals to major news sites like the New York Times , BBC and Newsweek.
The FBI issued a confidential urgent “Flash” message to the industry about the threat of Samsam on March 25, seeking assistance in fighting the ransomware and pleading, “We need your help!” The FBI’s cyber center also shared signature data for Samsam activity to help organizations screen for infections. But the number of potential targets remains vast, and the FBI is concerned that entire networks could fall victim to the ransomwares.
The types of ransomware vary, as do delivery methods, which may involve social engineering schemes such as phishing e-mails or tricks to get people to click on fraudulent links.Ransomware is less about technological sophistication and more about exploitation of the human element.
According to Spiceworks, Laptops present the greatest security risk, 81 percent of laptops—both company-owned and personal ones employees use for work—are most vulnerable to a breach. That’s followed by desktops (73 percent), smartphones (70 percent) and tablets (62 percent).
The vulnerabilities grows when employees don’t understand what ransomware constitutes, or aren’t invested in avoiding, risky behavior when handling company data. IT professionals particularly struggle with limited end-user (or employee) knowledge about security precautions and resistance to using safeguards.
Cybercriminals aren’t just targeting companies that collect consumer data, they are going after confidential high-value data from legal, accounting, architecture, engineering firms, and, medical office, but that is not exclusive. No business is safe anymore.
The Golden Rule
Businesses need to ensure that employees are mindful of their online behaviors, but this is not enough to prevent o mitigate a damaged to your files. Some extra care should be taken.
Another step to do is make sure all of the organization’s hardware and software is properly updated with the latest software and patches to mitigate these threats, since most of they use security breach on the operating systems.
Update the browsers, update the operating systems, update the critical security patches, and update anti-virus software. Make sure you have anti-virus, anti-phishing, anti-spyware and a firewall working properly and up to date.
Certainly, those are not enough. There is not bullet proof procedure to be safe from ransomwares attacks, but business can take some step to mitigate the effects in case of an attack. The simple and most efficient solution is to have a well implemented backup and disaster recovery plan. Every business must have safeguards in place and be prepared to react strategically in the event of a breach.
Companies can mitigate some risks by backing up their data—saving files to a different hard drive or NAS device in a secure location or if possible to a different subnet since most ransomwares will scan your network to spread itself. This is a recommendation as a normal best practice. However, now days that most of the sensitive data of any business is managed digitally it must be one of the first step to be taken by your Information System Administrator.
How often you need to back up your data depends on what kind of business you have. Backups can be done incrementally—once an hour or once a day at least. It makes no sense not to have a frequent backup because hard drives have become relatively inexpensive comparing price per Terabytes. Using a third-party cloud provider to back up data is ideal.
Have a data breach plan in place that contemplates the possibility of a ransomware attack and addresses business continuity, communications and restoration from backups. Make sure your IT person tests the set of backup periodically, not only to make sure the backups are happening properly, but also to get them familiar with the restoring process if the worse happens.
If your IT department comply with this suggestion it will not only be able to isolate the malware once scanned the whole network, but also to retrieve files without having to pay.
You can call us and get a free Estimates to recommend the right set of backups for your business or personal files. Preparation for continuation or recovery of systems needs to be taken very seriously and that is the way we do.
We have developed a set of well proven steps to minimize the possible failures on your system as well as recovery procedures for those catastrophic events that you cannot avoid that happens.