Our last article approached Ransomware’s topic and hopefully demonstrated why a ransomware attack could be so costly. While other articles will dive into topics more in-depth, it would be wise to offer a quick list of things every company can start thinking about now.
The key to surviving a Ransomware attack is preparation. Preventing and recovering from a ransomware attack is a cultural habit that needs to be developed. It is not a simple set of security measures, though those security measures are certainly part of the preparation process. Any dynamic shift in a company needs to happen in stages. Otherwise, employees won’t respond well to it. Read through this list and use it as a guide to creating a roadmap of those changes that need to be made within your business.
Table of Contents
Utilize OneDrive or Google Docs
There’s a good chance that your business subscribes to either Office 365 or Google’s G Suite. Both of those services come with great cloud syncing software. That software can backup user files and PC configurations. These are automated processes included with the price of your subscription, so why not use them?
Both OneDrive and Google Drive, the online syncing apps for each service, will backup files in real-time as they are saved to their designated sync folder. Training employees to start using this folder can be tough, though. So, have IT start mapping that sync folder as the Document library. Also, move existing files to that folder.
Here’s the key. If something happens to a user’s PC, their files will still be available in the cloud. Because they are synced, it also makes it very easy to restore those files. Both of those services also keep a version history of data saved. That means if someone makes a mistake and saves a file or a Ransomware attack encrypts data, anyone can easily roll back to a prior version of the file that worked.
Train Your Employees to Spot a Ransomware Attack
The first line of defense in any ransomware attack or virus situation is your employees. It’s not enough to ask employees to be aware of risks. Everyone knows not to open file attachments or click on links in emails they don’t recognize. Most people are even aware of inspecting those URLs or email addresses to make sure they pass the smell test.
Unfortunately, phishers, people who use social engineering attacks, have gotten good at phishing attacks. They have learned to disguise their emails better. In some cases, emails can even include spam links or email addresses that look like real things. It’s not a simple matter of trying to pass the smell test anymore. In many cases, phishing emails do now.
There was a story in the tech news not long ago written after a Firefox zero-day vulnerability was released. That tech story revolved around a computer researcher that almost got hacked from a phishing scam. The attack was extremely targeted and well thought out. If it weren’t for dumb luck, that researcher would have been hacked.
If a computer researcher can fall for phishing scams, then everyday employees can, too. There are a lot of programs out there that will train employees. They also measure how susceptible specific employees are to certain kinds of attacks. It would be wise to investigate these services or talk to your MSP about various training options.
Know Your IT Security
IT security is a complex subject and is often best left to professionals. Setting up a network isn’t as simple as plugging in network cables and assigning IP addresses anymore. That will keep data flowing through the wires, but it won’t help secure your business.
A good network technician will segregate business units and functions into different VLANs, for example. This helps keep different parts of the network separate from each other. That way, if one set of employees is attacked, others may not be. This is because everyone operates in their own ‘zones.’
Another good security measure is implementing a proper firewall. Firewalls can be a bear to manage, though! Part of maintaining a firewall means making a list of all of the apps that need access to the outside world and whether data goes in or comes out of the network for those apps.
Managing Security
A firewall could be configured to block any traffic from dangerous areas of the world like Russia or China. That would prevent many of the phishing emails and links from ever getting to your business. Likewise, many pieces of Ransomware won’t function properly if they can’t phone home.
This needs to be managed appropriately, though. Some businesses might need to communicate with people from these areas. So, make sure to do a proper audit before implementing rules like this.
On a final note concerning IT security, make sure that security software is configured correctly and updated. Installing antivirus software on PCs is not enough anymore. It was recently found that Norton and Symantec were blocking Windows updates because Microsoft started deploying updates at the beginning of 2019. This is a huge issue! That means unless a PC using either of these AV suites was correctly configured, they weren’t receiving Windows patches from Microsoft! Microsoft routinely releases patches that fix vulnerabilities that hackers find. They are excellent about making these patches quickly, too. That doesn’t matter if a PC never receives a patch, though. If you don’t patch, you’re leaving yourself wide-open to a Ransomware attack.
For more safety tips or to read part 3 before it’s released to the public, please send us a message.