06 Jul 2017
If you’ve read the news in the last year or two, you’ve heard of ransomware. The nefarious malware infects systems, locks away data and doesn’t release it until you’ve paid a ransom in Bitcoins, often a few hundred dollars. This can be a major annoyance for an individual, personal computer user, but it can be disastrous for businesses.
The good news is that it’s relatively easy to take steps to prevent a ransomware infection.
Keep backups. You should be doing this anyway, since backups will save your bacon from not just malware, but disk failure, disaster, and a host of other things. Still, having an off-network backup to restore from is a lot better than having to pay a ransom, plus it’s a much more sure thing since hackers sometimes don’t get around to properly restoring access to files even after a ransom is paid. Click here for more information on backups.
Stay up to date. A lot of ransomware, and other malware, make use of exploits and vulnerabilities built into servers, apps, software, firmware, and the like. Patches and updates are constantly made available fix these exploits, often before hackers find them. Even when hackers are exploiting a vulnerability that isn’t known, developers are usually very quick to release fixes, so if you’re not infected initially, applying a patch can help make sure you don’t fall victim.
Block ports. Blocking SMB ports 139 and 445 can help prevent outside threats. Blocking UDP ports 135, 137, and 138 and help stop movement through a network, in case one computer gets infected with ransomware and you don’t want other computers infected from that one.
Disable admin tools. Specifically PsExec and WMIC. They’re tools with uses, but disabling them can help keep ransomware from continuing to spread.
Separate permissions. Make sure no one account can execute on every system in your network. Make sure to that accounts don’t have more access or permissions than they actually need.
Train your people. Do you and your employees know how to identify suspicious emails? Can you discern when an attachment might be fake or when a link might lead to a malicious website? What steps does your business have in place to make sure requests for data or access are from who they purport to be from? This is a very important thing for any business, and we can help with it.
Ransomware has become an epidemic, but you don’t have to fall victim to it. Get in touch with us for a free consultation to find out how well your business would weather a ransomware infection.