Four Steps to Protect Your Small and Medium-Sized Business from Ransomware

June 30th, 2017   •   Comments Off on Four Steps to Protect Your Small and Medium-Sized Business from Ransomware   

ransomware prevention
 
In the aftermath of the WannaCry ransomware outbreak last month, your systems could still be at risk from other threats that exploit underlying Microsoft Windows vulnerabilities.  This week, a new attack identified as a variant of the first, has continued to exploit these and other weaknesses, to attack systems worldwide.  The infection has now spread to 60 countries, and continues to actively search for more victims.
 
The new ransomware attack, encrypts the victim’s hard drive, and demands a ransom to be paid in Bitcoin. However, the new malware is proving to be more sophisticated than WannaCry in terms of scope, ease of neutralizing it.  This attack spread rapidly using common Microsoft system administration tools, which are not recognized as malware by traditional security defenses.
 
The victim receives a phishing email, then the ransomware is activated by underlying vulnerabilities in Microsoft operating systems.
 
Of great importance:  even if victims pay the ransom, their files are not unlocked.  The only way to survive the attack, is to have a recent off-site backup of all systems.
 

Four Steps to Protect Your Organization from Ransomware:

 
Obsolete versions of Microsoft Windows continue to be particularly vulnerable.  Update all versions of Microsoft operating systems, and server systems.
 
At Intelisec, we say that a firewall is not enough to protect your organization from ransomware.  That’s why we test and work with your staff over the course of a whole year to prevent them from falling victim to phishing or vishing schemes.  Learn more here about our Safe Space™ Phishing Testing.
 
Have daily (or more often) secure, off-site backups for your server, and all your computers on your network.  Off-site backup, which can be easily restored is an essential part of ransomware recovery. We can create the optimum, secure, off-site backup solution for your business.
 
Recognize the significant risk posed by third parties, such as vendors, service providers, and others that have access to your systems, as well as those who send you emails  We review the cyber security and risk management policies of your vendors as part of our Quantum Shield Data Security Service.
 
Our cyber security experts help small and medium-size businesses both prevent and recover from ransomware attacks of all types.  Contact Intelisec for more information.