Inside TDV - The Data Vault Blog
Businesses are still getting caught by ransomware, despite the fact that there are fairly straightforward methods to avoid it. The principle behind these viruses is that the malware encrypts files on a system’s hard drive using an unbreakable key, and the attacker decrypts them once a ransom is paid, typically in an online currency such as Bitcoin. Most ransomware is delivered via email and the most common theme is fake shipping notices from delivery companies.
“In the past year, we have seen the content of these emails being both near-perfect in local languages and also looking much more legitimate than previously. While the majority of ransomware attacks still happen opportunistically, we often see them being ‘localised’ so they fit into the targeting countries,” said Jens Monrad of FireEye.
With this in mind, what are some of the ways to prevent (and mitigate) potential damage when dealing with this threat?
Backup Completely & Frequently
The most common advice for recovering from a ransomware attack depends largely on having a good backup policy for your data. Regular backups are the most reliable method for recovering infected systems, but to be effective these backups must be serialised, with older versions of files available in case newer versions have been corrupted or encrypted. Frequent testing to ensure the success of backup systems is also a component of a well-rounded plan.
Other recommendations include storing backups in an offline environment because many variants will try to encrypt data on connected network shares and removable drives. Because ransomware is able to encrypt files on mapped network drives, disconnect the mapping where possible if you are not using the drive.
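Why older versions matter can be shown with a short script. This is an added example, not code from The Data Vault or any backup product: it walks a series of backup versions, flags files whose content changed from ordinary to near-random (a common sign of encryption), and reports the newest version taken before that happened. The 7.5 bits-per-byte threshold, the function names and the sample files are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

ENTROPY_THRESHOLD = 7.5  # assumption: bits/byte above this is treated as near-random

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input, at most 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def newly_random(prev: dict, curr: dict) -> list:
    """Names of files that changed from ordinary content to near-random content."""
    flagged = []
    for name, data in curr.items():
        old = prev.get(name)
        if old is None or old == data:
            continue  # new or unchanged file: no transition to judge
        if entropy(old) <= ENTROPY_THRESHOLD < entropy(data):
            flagged.append(name)
    return sorted(flagged)

def last_clean_version(versions: list):
    """versions: [(label, {filename: bytes})], oldest first; the oldest is the
    trusted baseline. Returns (newest label before any flagged change, flagged files)."""
    if not versions:
        return None, []
    for (prev_label, prev), (_, curr) in zip(versions, versions[1:]):
        flagged = newly_random(prev, curr)
        if flagged:
            return prev_label, flagged
    return versions[-1][0], []

def _random_like(seed: bytes, blocks: int = 128) -> bytes:
    """Constructed, deterministic stand-in for encrypted or compressed data."""
    return b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in range(blocks))

# Constructed sample: three backup versions of the same small share.
INVOICE = b"Invoice 1001: 3 pallets shipped to depot\n" * 100
PHOTO = _random_like(b"photo")  # already compressed: high entropy in every version
VERSIONS = [
    ("monday", {"invoice.txt": INVOICE, "photo.jpg": PHOTO}),
    ("tuesday", {"invoice.txt": INVOICE + b"Invoice 1002: 1 pallet\n", "photo.jpg": PHOTO}),
    ("wednesday", {"invoice.txt": _random_like(b"ransom"), "photo.jpg": PHOTO}),
]

if __name__ == "__main__":
    label, flagged = last_clean_version(VERSIONS)
    print(f"restore from: {label}; first suspicious files: {flagged}")
```

Files matched by name only, so a variant that renames files as it encrypts them would need an extra check on disappearing names; with a single retained version there would be nothing clean to fall back to.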
Always Install Updates
Installing software patches and staying up to date remains the best form of security. Most ransomware compromises are still more opportunistically driven than targeted, with the delivery of the ransomware payload usually taking advantage of some known vulnerability. The criminals behind these attacks are depending on the fact that a vast majority of people don’t update their software in a timely manner. Installing updates can seem mundane and time-wasting, but in the long run it provides far larger benefits for a few moments of annoyance.
Check Staff Access Privileges
The final piece of advice to protect against malware is to ensure your employees’ privileges are locked down. Unfortunately, most organisations are not watching or analyzing user activity, and malware will execute with the same privileges as the victim executing the payload. If the person getting compromised has local or global administrative privileges, the malicious code will have nearly universal access to resources. This also means ransomware will have the capacity to encrypt data on network drives, shares and even removable media.
Viruses are an unfortunate part of the connected landscape, and won’t cease to be a threat for the foreseeable future. With proper planning and strategy, however, organizations can guard themselves against the worst effects and keep their systems securely functioning. The Data Vault has been providing reliable backup and storage solutions since 1984, and our team of experts can help with any concerns. Contact us today and we’re happy to answer your questions!