What is Ransomware and what can we do to protect ourselves? - Cloud Dolphin Ltd

What is Ransomware and what can we do to protect ourselves?

Ransomware is a type of Malware that encrypts the files on a user’s device or a network’s storage devices. To restore access to the encrypted files, the user must pay a “ransom” to the cybercriminals, typically through a tough-to-trace electronic payment method such as Bitcoin. Although security researchers have determined how to map the traffic flow of Bitcoin transactions, identifying which individual (or individuals) owns a Bitcoin account is extremely difficult.

Malware can often be automatically downloaded when users open emails and follow links to what seem like legitimate websites. Malware relies on the user to run the program manually. When the programs are run, they all display similar messages that tell the users to send payment, usually in dollars, to a Bitcoin account.

There is an ongoing threat and the ability to avoid getting hit is hard to control. The only thing we can do is have procedures in place and protect against having to pay cybercriminals to get your data back. The guide below shares a few points you could implement to protect your business. 

Backup Your Data

You need to back up your data to an offsite location to prevent it being accessed by ransomware. Depending on “sync” using services like Dropbox or OneDrive is a bad idea as they will not protect your data, what they often do is sync the ransomware virus to the cloud. Cloud Dolphin keeps multiple versions of your data, so if you unfortunately get targeted with malware, you can just restore your backup from a version of your data before the malware infected your system.

Patch Regularly

You should also ensure that you patch and update your servers and end-user desktops/laptops. Ensure that other software such as Adobe Reader, Java, and Flash Player are regularly updated to their latest versions. 

Use Group Policy to Enhance Security

In some Windows domain surroundings, it’s comparatively straightforward to configure Group Policy. You can disable executable files from running after they are in an exceedingly specific location on a PC. Locations like ProgramData, AppData, Temp and Windows\Sys are all common locations that viruses are launched from. 

Use a Third Party Email Scanning Service

MessageLabs is of one of the few service providers that can sit between your mail server and the internet, scanning for threats. These types of services have a high probability of stopping ransomware or any other virus from striking your network to start with.

Train Your Employees

Most ransomware spreads by documents sent uninvited via email. Train your staff to understand what’s suspicious and what is OK. Always make sure that you take a moment to browse an email to confirm it’s authenticity before opening.

Use Reliable Antivirus Software

Research was recently carried out, they found out that many business’ affected by ransomware were using one of the top two very well-known antivirus solutions and they didn’t stop things breaking through and infecting networks. That’s why you should use reliable antivirus vendors like ESET or Kaspersky.

Turn off AutoPlay

The Windows AutoPlay feature can mechanically launch a file from a USB stick or CD/DVD. Turning this off can stop a ransomware infection from automatically running if delivered maliciously via removable media.

Don’t Enable Macros

Consider disabling macros on Microsoft Office software package as an outsized variety of ransomware software can unfold through compromised Microsoft Word and Excel files.

So, if you still end up being infected by ransomware, disconnect the computer from the network instantly. It is worth contacting an IT specialist to see if they can find out the particular name or variant of the malware.

You can’t protect against every threat but if you have a backup with a trusted provider, you can be sure you won’t be subject to cybercrime and you can always recover any compromised data.