Written By Alan Zeichick And Presented By Chuck Leaver
Ransomware is real, and is striking people, services, schools, health centers, local governments – and there’s no sign that ransomware is stopping. In fact, it’s probably increasing. Why? Let’s face it: Ransomware is probably the single most reliable attack that cyber criminals have ever developed. Anyone can develop ransomware utilizing readily available tools; any cash gotten is most likely in untraceable Bitcoin; and if something goes wrong with decrypting someone’s hard disk, the cyber criminal isn’t really affected.
A business is hit with ransomware every 40 seconds, in accordance with some sources, and 60% of malware issues were ransomware. It strikes all sectors. No market is safe. And with the rise of RaaS (Ransomware-as-a-Service) it’s gon na worsen.
Fortunately: We can resist. Here’s a 4 step battle plan.
Excellent Basic Hygiene
It starts with training workers ways to deal with malicious emails. There are falsified messages from company partners. There’s phishing and target spearphishing. Some will get through email spam/malware filters; staff members have to learn not to click on links in those messages, or naturally, not to give permission for apps or plug-ins to be set up.
However, some malware, like ransomware, will get through, typically exploiting out-of-date software or unpatched systems, just like in the Equifax breach. That’s where the next action can be found in:
Guaranteeing that end points are completely patched and entirely up-to-date with the latest, most secure os, applications, utilities, device drivers, and code libraries. That way, if there is an attack, the endpoint is healthy, and has the ability to best battle the infection.
Ransomware isn’t really an innovation or security problem. It’s a service problem. And it’s a lot more than the ransom that is demanded. That’s peanuts compared to loss of productivity due to downtime, poor public relations, upset clients if service is interfered with, and the cost of rebuilding lost data. (Which presumes that important copyright or secured financial or client health data isn’t really stolen.).
What else can you do? Backup, backup, backup, and secure those backups. If you do not have safe, guaranteed backups, you can’t bring back data and core infrastructure in a prompt style. That includes making day-to-day snapshots of virtual machines, databases, applications, source code, and setup files.
Organizations need tools to identify, identify, and avoid malware like ransomware from dispersing. This requires continuous visibility and reporting of exactly what’s taking place in the environment – consisting of “zero day” attacks that haven’t been seen before. Part of that is keeping track of end points, from the cellphone to the desktop to the server to the cloud, to guarantee that all endpoints are updated and secure, and that no unforeseen modifications have actually been made to their underlying configuration. That way, if a device is contaminated by ransomware or other malware, the breach can be detected quickly, and the device separated and shut down pending forensics and healing. If an endpoint is breached, quickly containment is critical.
The 4 Techniques.
Good user training. Upgrading systems with patches and repairs. Supporting everything as typically as possible. And using tracking tools to help both IT and security groups identify issues, and respond quickly to those problems. When it comes to ransomware, those are the four battle tested techniques we need to keep our services safe.
You can learn more about this in a short 8 minute video, where I speak with a number of industry experts about this problem: