How to stop ransomware damaging your small business
- 21st January 2016
- Posted by: Mark Dodds
- Category: Security
We`ve been speaking with some of our clients about ransomware recently as its being discussed on the news etc heavily at the moment. Organisations, both big and small have been hit by attacks that have resulted in data becoming unusable. This has caused operational problems and in some cases organisations have found it easier to pay the ransom.
Ransomware is a malicious code that is spread via email or websites and it works by encrypting data to the point where it is rendered useless. The people behind the attack then ask for a ransom to decrypt the data.
Part of the conversation we`ve had with our clients are ways that will help them to prevent these attacks and we thought we`d share them here.
Check email attachments using email security software
As email is used to deliver the malicious code it is worth putting email security in place so that emails are scanned before they arrive.
Also, using antivirus that offers real-time protection will usually do the trick as it will check for any activity in the background that could be suspicious. It will then deal with the threat should the user click on it.
If you back up your data regularly then should any data become damaged via an attack you will have access to the backed up data quickly. To ensure the safety of the backed up data, it should be stored off-line and checks should be carried out regularly to make sure that your data is accessible when you need it the most.
Consistent and regular patching
If software is vulnerable then it could be exploited by malware. Therefore, it is important to ensure that all software including Microsoft Windows, Office and your other 3rd party programs are patched as this will help to reduce the risk.
Stop executables from opening
It is possible to use Windows Software Restriction Policies that prevent executable from running certain locations. Ransomware is known to use the same folders and subfolders to host the malicious software. The rules within these policies should be set to block all, allow some and this will ensure that the default behaviour will block executables while allowing you to unblock others that you wish to run.
Give users less privilege
Ransomware could cause a lot of damage if it was opened under an admin account but if normal users are given lower privileges then it could prevent the ransomware from spreading.
Following a least privilege concept will mean that users have minimum access but it could help to limit any damage caused by ransomware. In this case, if ransomware attempted to spread then it would need admin credentials to take them to the next level of privilege but this would help to stop the spread.
Scan every download
This will stop users from accessing any sites that could lead to an attack while making it possible for you to scan files and block those that pose a risk. With this in place, even if something does slip through the net and a user clicks a link the web monitoring software will block the access and ultimately stop the attack.
Improve security settings of Office applications
Choosing to use a local security policy or a group policy if in a windows domain to disable certain features such as macros will help to stop the download of malicious macros that set out to do serious damage. It is also possible to set ActiveX or External Content settings to prompt or be disabled.
Educate, educate, educate!
Users are the first point of vulnerability. If users are unaware of what they need to do then they are likely to open any file that they get sent and this can prove costly.
Telling users what they should look out for and what they should do will help immensely and lower the possibility of an attack being successful. You could advise users to ignore email attachments from users they do not know, not to click on links from senders they do not know and to also look for poor grammar. There are many things users could be told to help reduce the chances.
Hopefully, one or two of these tips may prove useful to you in securing your computers from the damaging effects ransomware can have on your business.
There are many great things within the theme which are the cause of its popularity. The biggest factor is the appearance of the theme; it disrupts theme design clichés without being unprofessional. The different possible color combinations are also being appreciated by many companies. The theme continues to rise in popularity and many other companies have expressed an interest in deploying it on their new websites. The creators of the theme are happy with the response and have vowed to create further themes exploring the same concepts