Cyber security is at the forefront of people’s minds in the technology industry at the moment, with a plethora of high-profile breaches pushing the subject into the mainstream.
One such ‘WannaCry’ virus Ransomware is making noise for all the wrong reasons. Rise of ransomware over the past year is an ever growing problem. The fittingly named ‘WannaCry’ ransomware attack, brought organisations around the globe to their knees when it first appeared on Friday 12th May, is the latest in an ongoing wave of ransomware cyber attacks. At the time of writing, WannaCry has hit 150 countries and over 200,000 computers leaving a wake of destruction.
Business often believe that paying the ransom is the most cost effective way of getting their data back – and this may also be the reality. The problem we face is that every single business that pays to recover their files is directly funding the development of the next generation of ransomware. As a result of this we’re seeing ransomware evolve at an alarming rate.
Our dependency on the internet continues to grow in this society it is no doubt that we will see more attacks. It is important to prepare now. So how do one prepare for a future attack? Let’s look at some of things which can help in future against the Ransomware attacks.
Regularly update your backup!
The most obvious thing that will crush ransomware is having a regularly updated backup. If you are attacked with ransomware you may lose that document you started earlier this morning, but if you can restore your system to an earlier snapshot or clean up your machine and restore your other lost documents from backup, you can rest easy.
Not to forget that Cryptolocker will also encrypt files on drives those are mapped. This includes any external drives such as a USB thumb drive, as well as any network or cloud file stores that you have assigned a drive letter. So, all you need is a regular backup routine, to an external drive or backup service, one that is not assigned a drive letter or is disconnected when it is not doing backup.
Be Cautious of Spam and Malicious attachments
One way which Ransomware can arrive is the users download and install something. Oftentimes, it’s a malicious email attachment.
Normally, emails are checked for content and attachments before they reach the end user. That way we protect them from a lot of phishing attempts and infected attachments. But when it comes to Ransomware attacks, cyrptowall spam emails can be devil in the making. These cyrptolocker may pretend to be a voicemail alert or invoice notice. The attachments are often zip files that require a user to download and unzip.
Additionally, some ransomware infections begin with a “.scr” file that arrives in a “.zip” or “.cab” email attachment, according to Société Générale CERT. If possible, for ransomware prevention, block “.scr” files at the email gateway and establish application and device control policies to block their execution.
Remember always filter spam and email attachements, Install a reputable anti-virus and the moment you think something is wrong, shut down the machine and call a professional.
Some additional advice on preventing Ransomware attacks.
As we all know ransomware is definitely today’s number one cyber threat due to the damage it causes and the occurrence factor, the countermeasures above are a must. Otherwise, your most important files could be completely lost.
The most important recommendation, though, is the one about backups – offline or in the cloud. In this scenario, the recovery consists of removing the ransom Trojan and transferring data from the backup storage.
A Wannacry attack which was a low-grade nuisance has now evolved to be a multi-million dollar criminal business that now targets both individuals and organizations. While the battle has started, the onus certainly lies on us to be – Vigilant, Prepared & Safegaurd.
Did you face any problems related to Ransomware? Let us know by commenting!