Ransomware, also known as cryptoware, is a form of malware. The aim is to encrypt all your documents so that the only way you can regain access to them is by paying a ransom to get the passkey to decrypt your files.
According to industry insiders; in the last year, 54% of businesses in the UK were hit by ransomware and 30% of business victims lost revenue. 20% of businesses had to cease operations immediately with more than 60% of attacks taking more than 9 hours to remediate (this statistic fits with our own experience at Hands on IT Services).
Ransomware was traditionally transmitted via email attachments such as zip or PDF files however as users have become more aware of this the criminals behind ransomware have evolved. Ransomware infections now come via browsing the web, 3rd party software vulnerabilities and direct attacks via password exploits.
You do not know you have it until it’s too late. Once infected with ransomware, all you can do is hope that the criminals will give you the passkey once you have paid. There is no guarantee. Even if you do get the key, the criminals now have your credit card details.
Can you prevent ransomware?
You can take sensible precautions by keeping your anti-virus and network up-to-date with updates and Microsoft patches, instruct all your staff to NEVER open a zip file unless you know who it has come from, were expecting it and the style and format of the email looks as you would expect. Make sure mobile devices are also included in your email scanning.
You should have and enforce a solid password policy within your company, secure your WiFi Access points and where possible tighten control of the number of users who have local admin rights.
However, none of this is infallible. You need specialist protection and after spending a long time looking for a solution to the ransomware problem; we have found a product that does provide a safety net and we now offer this as part of our managed end point security service.
Heimdal cryptoware blocker
Heimdal Security provides cryptoware protection over and above anti-virus security, whose task is to detect a virus and remove it.
Heimdal complements the anti-virus software by focusing on traffic, blocking malicious internet traffic, protecting the PC against hackers, malware servers, infected domains and websites, as well as preventing private data leakage. It blocks advanced malware, such as GameOver ZeuS (P2P), CryptoLocker and Shylock.
No cryptoware software is infallible – the criminals behind this malware are always one step ahead – but Heimdal offers strong and effective protection.
An up-to-date backup
With all the ransomware software in the world, you still need an up-to-date back up of your data so we can simply restore the data to a clean server or machine. It’s a pain and is time consuming, but it’s far better than losing the lot.
What we can do
We would recommend a full network audit that looks at all aspects of your current setup and then produce a report that clearly identifies high, medium and low risk areas which you can then action yourself or ask us to assist with.
Our full network audit would not only report on how to reduce the risk of ransomware but would also make sure your overall network is as secure as possible and ready for the new General Data Protection Regulation that will become law on the 25th May 2018.