Protecting Your Network from Ransomware
Recently, the Rockville Centre school district paid almost $100,000 to restore their data after being hacked with a ransomware virus that encrypted files on their server. Ransomware has gained a lot of notoriety lately as it seems to be taking down businesses, schools, and other organizations across the country. No one really knows where it originates from, but what we do know is how it’s getting here; end users open phishing emails with malicious attachments or click on suspicious URLs. Once the user runs or installs those programs, the entire system is compromised, especially if there’s no protection on the machine.
If these incidences teach us anything, it’s that we should ALWAYS keep a backup. Investing in an offsite, cloud-based solution that automatically backs up data daily is the best way to protect files. If a user is hacked by ransomware and has data backed up offsite, IT professionals should be able to wipe and restore all data using a clean backup.
The FBI suggests the following actions to further protect yourself against ransomware:
- Implement an awareness program to educate yourself and others – Proper training can prevent workers from clicking malicious links.
- Enable strong spam filters
- Scan incoming and outgoing emails – Enable anti-virus and anti-malware programs to conduct regular scans. Draining the moat makes it easier to scale the castle wall. When an endpoint is compromised, it makes it easier to overcome any other perimeter defenses.
- Back up your data regularly
- Conduct an annual test – Vulnerability assessments can find your network’s weaknesses.
- Update your passwords frequently – For IT professionals and administrators: Deploy a policy to force users to update their passwords every 90 days.
- Isolate and quarantine ransomware when you do find it – The most effective way to kill a snake is to cut off its head. Power off all affected devices – immediately secure your backups by taking them offline!