The Internet has always kind of been like the Wild, Wild West. It truly is a frontier with very little if any laws or law enforcement. That freedom from control has enabled the World Wide Web to grow at an astounding pace and innovate daily, but it has also put all of the onus on all of us to be cautious and protect ourselves.
Recently a new class evil has come to work on the internet. Previously, malware would install junk on your systems and make them run poorly, perhaps even hijacking your browser sessions. Occasionally, certain infestation would install remote controls (i.e. bots) on your system to steal data or use you system in other attacks. These types of malicious software still exist and are still just as annoying and damaging as ever, but the new kid in town has taken his game to a whole new level.
Ransomware is targeted to mostly companies. The attack of ransomware is simple but viscous. The ransomware finds files of all different types on your system and encrypts them to make them unreadable. This may include Microsoft Word, Excel, and PowerPoint files, PDF files, Pictures, and even Windows system files. The end result is files you cannot open, applications that may not work at all or may just have a few bugs, and even server services that may not run correctly like email, web-based applications, and SQL-based apps. All in all the attack is very debilitating and destructive. To make matters worse there are so many variants being developed each day that your ant-virus/anti-malware software might not catch it before you get hit and hit very hard.
Previous version of ransomware and other malware were pretty easy to clean up after but the newest varieties attack backups as well and damage applications requiring that whole servers be rebuilt and making the process very time consuming sometimes taking days and even weeks to fully recover. The alternative is to pay the ransom of anywhere form a few hundred dollars to tens of thousands and even then further cleanup and lingering issues are common.
And now (like that wasn’t bad enough), the FBI says that there is a new version that can attack your servers without anybody clicking on bad email of a bad link on a website, etc. Now that is really scary.
So what can you do?
All of the below are appropriate (not one or two but ALL):
- Filter Spam Aggressively and off-site so as to limit your exposure to infected mail.
- Make sure your users know not to click on links in emails and not to open or even preview suspicious emails.
- Backup Data, VMs, System State, Application, and Databases regularly and make sure to rotate a copy offline (offsite) daily to speed up recovery and protect your backups.
- Practice security for users using least privileged to limit spread of infections.
- Make certain that all of your servers and workstations (including mobile devices) are protected by anti-virus/anti-malware software and that the software is updating at least daily if not hourly and performing regularly scheduled scans at least weekly.
- Make certain that all of your servers and workstations (including mobile devices) are being updated and patched (Windows Updates, Java, Adobe, etc.) on a regular schedule.
- Filter all traffic at your firewall for malware, viruses, intrusions, and web-based attacks.
If you have any questions or concerns regarding your network security…Call Viking Networks 812-372-0007