What is Ransomware and How do I avoid it?

Category: Data Security , Partner Insider
Author: Jay Brackman

Ransomware is a term that is widely used in media reports cybersecurity events, but not everyone knows what ransomware is. According to a dictionary definition, ransomware is “a type of malicious software designed to block access to a computer system (or server) until a sum of money is paid.” Yes, this is the same type of cyber attack that has impaired the networks of Target, Walmart, Staples, and thousands of other companies over the past few years. It is a targeted attack- usually through email (sometimes through texting)- that cripples a computer and/or network and requires you to pay a hacker (normally in Bitcoin) to unlock your computer or network.

Does this sound familiar? It likely does. We have heard of hundreds (at least) of instances of ransomware attacks occurring over the past 5+ years, and they are increasing every year. Why are they increasing? Because they are profitable for the hackers. Hackers know that many of these companies do not have adequate backups to get back the data that is being held for ransom, so they know that a good percentage of these companies will pay them before the data is deleted by the hacker. (Yes, in most instances, if you do not pay in a certain amount of time, the data is deleted- forever- from your computer.) So how do we combat ransomware? First, we must secure the front lines of the organization. Ransomware usually comes through via legitimate looking emails, and those go to your employees. Thus, we must educate your employees on what to look for in an email before clicking on an attachment, clicking a link, filling out a form, etc. This is most successfully done in a space called Cybersecurity Education. Many companies in America today are solely focused on educating employees of large and small companies on how to spot suspicious emails and report them to their IT teams. These companies also “test phish” employees to make sure that they remember what they learned during the education portion of the cybereducation modules.

Secondly, we have to make sure our backups are comprehensive, and cloud based. Does this mean that all PCs need to be backed-up? Perhaps. If your network administrators are using DFS or folder redirection to backup your local files on the file server, people will not have to have their individual computers backed-up. But that requires that computers be on the domain (local network) from time-to-time. In today’s environment of working from home, it is more difficult to secure data that is offsite. Therefore, if you need to keep data secure and are working remotely, remember to backup your sensitive data to your company’s cloud-based file share. That information, in-turn, should be backed-up to another cloud-based file share that is separate and secure from the first one. This is very important: Ransomware actors know that the way to combat ransomware is to have “clean” backups for everything, so now they are working to encrypt backups, too. You (personally) do not have to worry about backups. That is for your IT folks to handle. But you are responsible for important files that you are working on daily. You do not want your computer to be a single point of failure. Because of that, make sure to save your most sensitive files to a company-approved cloud-based storage area. Ask IT if you have any questions.

Rest easy with ThreatAdvice vCISO

Last, if you do get ransomware on your computer for any reason, remove your computer from the network immediately. You do not want your computer to be the reason your company gets sabotaged as a whole. This means you need to remove the network cable from the back of your computer, or you need to remove your computer from your work or home-wireless network. This is VERY IMPORTANT. If you don’t do this quickly, the hackers could also attack the network you own, including any IoT devices you have at home, like your automatic door locks, your virtual cameras, your home theatre, your virtual thermostat, your security system, etc. It can happen quickly, so be aware of what is happening and act accordingly.

 

Ransomware can be scary, but it can be prevented in most circumstances. And as a partner of NXTsoft, helping to prevent ransomware can help make you money, too. If you have any questions, please contact ThreatAdvice by NXTsoft. As a partner of NXTsoft, you are poised to sell our Cybersecurity products. Let us know if you have any questions or need specific types of marketing collateral created for your prospects. We will be glad to work on that for you to help you achieve your sales goals.

November 6, 2020
Back
Share this post on social media