Today we will be talking about ransomware and how it can affect your business and some tips on how to protect yourself against it. When most people think of getting infected on their computer they think of malware or viruses. Most malware is silent or at least presents itself as so. It hides deep inside infected machines to stealthily carry out what it was designed to do, infect your computer. Communication with the outside world, in order to receive commands or send stolen data, is usually hidden. The reason for this discrete behavior is simple, to avoid detection by users and their security controls, thus buying time to steal credentials, exfiltrate data, or compromise additional systems.
However, this is not what happens with ransomware. One of the most obvious differences between a typical malware and ransomware is that the second ransomware finishes its activity. It will let you know that you have been infected. It does this because it has already taken the control of your machine and files and now has them hostage. To fix this through the ransomware it demands ransom in exchange for the return of these files and machine(s). Ransomware is also highly automated, such that beyond it going out, most of the ransomware process runs on its own without requiring communication with a host to receive instructions. Instead, ransomware executables contain all the logic required to hijack a computer. To further exacerbate the problem, ransomware has just now started targeting businesses and corporations, which means that it is even more imperative for people to be aware of and act before they are infected and not after.
Some tips to protect yourself against ransomware are as follows.
- Never click any links that you don’t know where they are going to in your email or if you don’t know who sent you the email.
- Never provide any personal information to people you do not know over email, phone, or text.
- Use reputable antivirus software such as SetinelOne on your computers and network.
- Have a firewall on your network if you’re a business.
- Have content and scanning filters for all email going into your mail server. Office365 does this by default.
- Make sure your computer operating system is always up to date with the latest patches.
- Have offsite current backups just in case you do get infected as you can restore from those instead of having to pay the ransom.
Following some of these tips will help keep you safe from being infected by ransomware and having your network totally locked out.