Ransomware is in essence a computer virus that infects a computer network, but instead of disrupting or destroying software and data, it encrypts it, and only the hacker has the key to decrypt it. If you want the key to get your computer(s) and data back you have to pay the hacker a ransom.
So the question on your mind right now is "How do I defend against this?".
Follow the tips below to reduce your risk of having to deal with Ransomware:
Defensive
- Anti-Virus: Ensure you are running anti-virus software on all of your computers. The anti-virus software needs to be set to automatically update the virus definition file (which should occur daily). Ensure that Real-Time Protection is active and schedule a Full Scan daily. Not having these settings makes your anti-virus only marginally effective. This should be in addition to Windows Defender (formerly Windows Security Essentials). This tip goes for Apple, Linux, and Unix computers too. While there are not as many viruses written for these non-Microsoft operating systems, there are still some out there. The small annual expense you pay is well worth it.
- Operating System Patching: For small businesses and home users running a Microsoft operating system we call it Windows Update. This keeps your operating system up to date with the latest bug fixes, many of which have a security impact. Windows Update should be set to update automatically on every computer you own (PCs, laptops, tablets, servers). And then your computer (including servers) need to be restarted after the update is done to have it fully installed on your computer. Patching needs to be done on Apple, Linux, Unix computers as well. Also, if you are using VM instances (ex. VMWare or Hyper-V) make sure your virtual operating system instances are also patched, as well as the physical machine that is running the Hyper Visor console. This is often overlooked.
- Application Patching: Like the operating system patching, purchased off the shelf software also needs to be kept up to date with patches. Applications like Apache, Adobe, MySQL, push patches out regularly. Microsoft applications use Windows Update for your convenience.
- Back-ups - At a minimum, on a daily basis you need to backup your critical systems, applications, and data. Back-ups, if electronic (ie. not to tape, DVD or some other physical media) should be stored to a separate server / storage device, that is on a separate network segment (is walled off from your production network by a switch or router and a firewall). This will, at a minimum, ensure you can restore a 1 day old back up of your production environment should Ransomware get past the anti-virus and your network security controls.
Keep in mind, the above is not a cafeteria plan. You need to be doing all of the above processes for this to be an effective defense.
FYI - Earlier this week, a hospital in Indiana had to pay $55,000 in Bitcoin to a hacker due to Ransomware.
http://www.zdnet.com/article/us-hospital-pays-55000-to-ransomware-operators/
Be Secure!
No comments:
Post a Comment