Ring… Ring… it’s your Hacker
You might think it’s a bit weird to receive a call from a hacker but this has been seen recently. This tactic has been used when your attacker finds out you’re not going to pay or you’ve restored from backup. As you might have heard by now 60% of SMBs close their doors forever within 6 months of a cyber-attack. Another thing that you have probably heard is $9.5 million is essential the cost of recovering from a cyber-attack. Ransomware is one of the most prevalent and dangerous versions of malware but what can you do to protect yourself?
How Ransomware Attacks?
To understand how to protect yourself you must first understand what Ransomware is and how it attacks you. Ransomware is trying to make you pay your hacker to not divulge your information or give it back. First, they will need access to your data, which could be your customers’ private information or sensitive company information. Most Organizations need to be able to access sensitive information from multiple locations. If you are a company that ships novelty key chains you would most likely need your customers’ name and address. Both your sales and shipping departments would need that information. One to log the order for processing and the other so that it can send out the order. Forcing information to be stored on a server on-premises or in the cloud. We now know what they want to do, what their target is, and how are they going to it?
Ransomware can attack you from many different locations and in different ways. Attacking networked printer is one way they go about this due to them being neglected. Modern office printers are very advanced nowadays they have an OS and several functions like wireless cards. Often these are connected to the network and their passwords are left at their defaults, making them an easy target. Another more complex one is SQL injections this one is harder to pull off but is extremely damaging. This involves finding a location usually a website or a network that is making a direct database query. They begin to poke and prod looking to see if can inject malicious code. Once they find a location that is vulnerable they begin extracting all your information. Because this is at the database level once they have cheated the permission they have all of your information.
These are only two examples of how you could be attacked there are many more. Your attacker could try phishing to get an employee to divulge a password or access an account that’s been orphaned. They could even try attacking all your network ports to see if one of them was left unsecured. We now know what a Ransomware attack wants to do how they might go about doing it. But what do we do when we get attacked?
Recovery from Ransomware
Next, we should look at what would we do in this situation if we are hit by a Ransomware attack? Do you have a disaster recovery plan? Do you have Backups? Is your answer No either or both? Then you are in a bad situation. A breach Is bound to happen the important thing is to minimize the damage that can be done. Having strong policies and plans in place help if it does happen. It is also important to have employees know what to do in these situations and to drill these situations. It helps to change things up every so often for these drills. Removing a key player in the chain to see how everyone reacts is good. Then reviewing what happened, making adjustments or changing protocol, or adding new ones is helpful. Secondly, having multiple backups is huge you should always create backups of your database. And storing them in places other than on your network.
Do’s and Don’ts of Ransomware
It is never a good idea to pay your attacker. This shows them that you are unprepared for these types of attacks and are willing to pay. In cases where you pay to free your data you find that it damage or corrupted. This is because the programs that steal this stuff or lock you out usually damage the files. This happens because these programs look to compress large amounts of data and don’t care about integrity. So not only are you out a large chunk of money your data is gone anyway. Now, this is where the title comes in there has been a recent trend of hackers cold calling you to threaten you with exposing your data. Remember that you never win when you pay you always lose. The best way to protect yourself is to take a proactive stance on Ransomware.
Lastly, what does having a proactive stance entails anyway? There are many ways to do this one is to hire outside help that can proactively monitor your systems. Another one is having an audit of your IT systems done to look at what vulnerabilities there may be. Good Firewalls and security policies help to minimize the risk, also educating employees on the risks and what to look for. Ensure that all ports and sockets are properly protected is another good thing to do, never leaving default passwords is another must and finally taking print network security seriously is another big one.
A word from Powerland
If You are interested in an IT Systems Audit, or in improving your Security systems please contact us using the form found at the bottom of the page or emailing us at firstname.lastname@example.org. Our Managed Hosted Services and Managed Services team can help you improve security, reduce stress, and reduce cost. We use industry-leading software and firewalls from some of the industry’s best companies such as FireEye and Aruba, 24hr proactive monitoring, and identity monitoring through Okta. We can also help you with upgrading your network hardware with hardware from an industry leader such as HPE. Contact us to learn about the Powerland Advantage and how we can help your organization. Powerland a trusted solutions provider in Canada for over 30 years.