A term that many people around the globe were gloriously unaware of two years ago has now become commonly known. Ransomware—a form of malware that attacks a computer, locks it, and promises to destroy data unless a ransom is paid. The sort of ransomware like WannaCry, the ransomware that attacked computer networks in more than 150 countries near the beginning of May, 2017, not only tries to get a payoff, but it freezes computers in the meantime.
Although in this instance, the ransomware garnered only $50,000 in bitcoin ransom world-wide, it is not uncommon for a company to pay several hundred or even thousands of dollars just to regain control of their own network. Other problems with these attacks are the kinds of data they often attack. In Great Britain and Australia—among other countries—hospitals lost access to patient records. Imagine a loved one being prepped for surgery and all of their records that a doctor or nurse relies on have been denied to them or were perhaps changed.
One of the vulnerabilities of computer networks is they require constant updating to be kept as secure as possible. In March, Microsoft patched an issue they saw in their operating system, but not everyone got the patch added to their system. Those who were slow to add the patch, or those who ignored the news, were vulnerable to the most recent malware attack. This is where you can be of assistance to your customers — ensuring that their product is up-to-date.
There are some things that can be done to help protect networks for ransomware and other viruses and malware. One of the more important things to do is not ignore advice to add patches. Another step that not every organization can afford is to stop running “legacy” operating systems. Running Windows XP makes your system more vulnerable to attack compared to running the most recent system. However, Microsoft is offering a patch for XP that is specifically targeted to preventing WannaCry — something you should educate your customers of if they are not already aware. Especially if they purchased their hardware from you. Organizations should not just focus on updates and patches to their operating systems. It is important to update and patch third party apps too.
Restrict Access as Needed
Perhaps workplace rules that do not allow employees to visit non-work related websites were originally based on decreased productivity. Now those rules are also important for preventing cyberattacks. Social engineering and infected banners are just two ways the blackhats of the internet world get their foot and their ransomware in the door. Education of employees is important in teaching them not just that you’re worried about productivity, but that on many of those sites viruses and similar issues may be the result.
Backing up data is also important, but it is important that backups are not continually linked to the network. Backups give you access to important records and accounts numbers. Banks, medical practices, and many other organizations and businesses can still function if their data is lost due to ransomware, malware, or a virus. It is important to remember that it is not entirely unheard of for an employee to trigger a ransomware warning and not tell the IT team out of embarrassment or another reason (being on a website not allowed at work). Not sharing information with the IT team makes lost data more likely to occur.
Even those companies that don’t have their own on-site IT team should have their firewall and network checked for network safety. Hiring an outside firm to do a network audit at least once a year can help prevent problems. You should also take some time to ensure that everyone is trained in how to handle email. What they should look for in an email that may have something insidious like ransomware attached to it. These reminders, at least once each year, can prevent serious problems from happening in the first place.
There are other solutions for those groups that have limited access to contracted IT solutions. There is software that will prevent file encryption and tells the owners if a machine has been affected to keep the ransomware or virus from spreading to the entire network. Just like an operating system, these solutions are only as good as their last update.
To Avoid Ransomware:
- Never click or open a file you don’t trust. Put it in your junk folder, then empty the junk folder.
- If at all possible, have the most recent OS available. For example, Windows Vista has a way to keep unauthorized programs from getting into your network.
- Don’t use pirated programs or operating systems. This practice is more common in other countries, and that may be one reason the ransomware attack was worse in India, Russia, and China than it was in the United States.
- Backup data regularly.
- Perform all updates and patches in a timely manner.
- Use third party firewalls and safety nets and keep them updated too.
As long as we have computers, we will most likely have people trying to get rich or just vandalizing our networks. Fortunately, there are steps you can take to keep your customers’ data safe and their networks up and running.