Written By Alan Zeichick And Presented By Charles Leaver
Ransomware is real, and is striking people, companies, schools, medical facilities, local governments – and there’s no sign that ransomware is ending. In fact, it’s most likely increasing. Why? Let’s face it: Ransomware is most likely the single most effective attack that cyber criminals have ever developed. Anyone can create ransomware utilizing readily offered tools; any loan received is most likely in untraceable Bitcoin; and if something goes wrong with decrypting someone’s hard drive, the hacker isn’t impacted.
A business is hit with ransomware every 40 seconds, according to some sources, and sixty percent of malware issues were ransomware. It strikes all sectors. No industry is safe. And with the rise of RaaS (Ransomware-as-a-Service) it’s gon na get worse.
The good news: We can resist. Here’s a four-step fight plan.
Great Standard Hygiene
It starts with training workers the best ways to deal with harmful emails. There are falsified messages from business partners. There’s phishing and target spearphishing. Some will make it through email spam/malware filters; employees have to be taught not to click on links in those messages, or obviously, not to allow for apps or plug-ins to be set up.
However, some malware, like ransomware, will get through, frequently making use of obsolete software or unpatched systems, as in the Equifax breach. That’s where the next step comes in:
Guaranteeing that end points are completely patched and entirely up-to-date with the latest, most safe and secure os, applications, utilities, device drivers, and code libraries. In this way, if there is an attack, the end point is healthy, and has the ability to best fight off the infection.
Ransomware isn’t an innovation or security problem. It’s a company issue. And it’s so much more than the ransom that is demanded. That’s nothing compared to loss of efficiency because of downtime, poor public relations, angry consumers if service is disrupted, and the cost of reconstructing lost data. (Which presumes that valuable intellectual property or secured monetary or client health data isn’t really taken.).
Exactly what else can you do? Backup, backup, backup, and safeguard those backups. If you don’t have safe, protected backups, you cannot bring back data and core infrastructure in a timely style. That consists of making day-to-day snapshots of virtual machines, databases, applications, source code, and configuration files.
Services require tools to identify, identify, and avoid malware like ransomware from dispersing. This requires constant visibility and reporting of exactly what’s occurring in the environment – consisting of “zero day” attacks that have not been seen prior to this. Part of that is keeping an eye on endpoints, from the smart phone to the desktop to the server to the cloud, to ensure that all endpoints are updated and safe, which no unexpected changes have actually been made to their underlying configuration. That way, if a device is contaminated by ransomware or other malware, the breach can be discovered rapidly, and the machine separated and closed down pending forensics and recovery. If an endpoint is breached, fast containment is important.
The Four Tactics.
Great user training. Updating systems with patches and repairs. Backing up everything as typically as possible. And utilizing monitoring tools to assist both IT and security groups find issues, and react rapidly to those issues. When it comes to ransomware, those are the four battle tested tactics we need to keep our companies safe.
You can find out more about this in a brief 8 minute video, where I speak with numerous industry professionals about this concern: