Friday, November 18, 2016


By: Curtis Woods
President at Integrated Solutions, LLC

noun: ransomware;

1. a type of malicious malware/software designed to block access to a computer system until a sum of money is paid.

How much will ransomware cost me?

The demanded costs to unlock your files can vary greatly. The prices can range from $25 up to $1000 or more. It is also important to note that paying the ransom does not guarantee that you will ever get your files back.

How does ransomware infect my system?

Ransomware usually infects a system in one of two ways:

1. Your system may become infected by visiting malicious or unsecured websites.

2. Ransomware infections also come through email attachments or links from untrusted emails or emails that have been hacked.

Traditional advice to prevent ransomware

1. Have and maintain a firewall. - Your first line of defense is a strong and well maintained firewall.

2. Use Anti-virus software. - While no Anti-virus protection is good enough to catch everything….the combination of firewall and AV protection is your best combination for protection.

3. Make sure your pop-up blocker is enabled and working. - Many ransomware infections come in the form of a pop-ups that end users click on, thereby unknowingly downloading a virus.

4. Only go to trusted websites. - Make sure everyone in the office is aware of this policy and state clearly what types of websites are not to be visited under company policy.

5. Only open links and attachments from trusted senders. - If there is any question about the authenticity of the sender, call them to verify that the email is legitimate.

6. Make sure your backups have “multiple restore points.” - One of the most important tips is to make sure your backups can be restored from multiple restore points. Some of the most common backup solutions can only restore to the last known backup. For example, if you leave work today at 5:00pm and at 7:00pm your system is infected with Ransomware and your backups run at 10:00pm….you now have a backup of your data, but unfortunately the backup is of corrupted data.

Advanced options for preventing ransomware

• Deep Packet Inspection Devices – These are typically hardware devices that “review” all of the inbound and outbound network traffic and block anything detected as malicious.

• End point security software – This is software specifically directed at malware (Ransomware is malware, not a virus). Security software companies are starting to release applications that are specifically directed at Ransomware.

• Security awareness training – Products like Knowbe4 offer security awareness training and testing for your employees. They offer self-phishing campaigns to help companies properly train employees to not gullibly click on unsafe email attachments and links.

What should I do if I become infected?

• Shut down your computer immediately. This may prevent the Ransomware from spreading.

• You MUST report it to DHS if ePHI has been compromised.

• Call your trusted IT professionals at Integrated Solutions.

No comments:

Post a Comment