What is a ransom virus?
Ransom virus is better known as ransomware. It’s a form of malware that aims to trick or force a user to pay a fee to regain access to their data. Even though it’s a relatively new development in malware, its lucrative nature has made it big business. This means that companies need to understand what it means in practice and how to protect themselves against an attack.
Organizing your data backup process can take the worst sting out of ransomware attacks
Obviously, you need to make your IT security as good as it can possibly be. That said, no security system can ever guarantee total protection against all threats, particularly not ransomware. The reason for this is that companies that pay the ransom are basically financing the further development of the ransomware, which helps to keep it ahead of the tools you use to fight it. If, however, you have a robust data backup process in place, then the worst outcome will be that you have to go through the hassle of restoring from it.
The important point to remember is that automated backups to local systems will generally just transfer infected files into backup, overwriting healthy ones in the process. You may be able to recover a previous version of the file if you’re using mechanical hard drives to which you have access. This is, however, far from guaranteed and in any case, will not help the many companies using public cloud platforms.
You, therefore, need to ensure that you have a second data backup stored in an offsite location (which can be a second cloud). You also need to have processes in place to ensure that only clean files are backed up to it. If the threat of ransomware alone is still not enough to encourage you to do this, then it’s worth remembering that an off-site data backup lays the foundation for a complete business-continuity/disaster-recovery solution.
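One way to implement the "only clean files" check before the offsite copy runs, as an added example that is not part of the original article. The thresholds, function names and the manifest format (path mapped to the entropy recorded at the last clean backup) are assumptions chosen for illustration, and the sample files are constructed.

```python
import math
import os
import tempfile
from collections import Counter

ENTROPY_LIMIT = 7.5      # bits per byte; assumed threshold (encrypted data sits near 8.0)
MAX_SUSPECT_RATIO = 0.2  # assumed policy: hold the run if >20% of changed files flip

def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte, from 0.0 (constant) to 8.0 (uniform random)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def file_entropy(path: str, sample_size: int = 65536) -> float:
    with open(path, "rb") as fh:
        return shannon_entropy(fh.read(sample_size))

def backup_gate(changed_files, manifest):
    """Decide whether changed files may be copied to the offsite backup.
    manifest maps path -> entropy recorded at the last clean backup. A file is
    suspect only if it was below the limit then and is above it now, so files
    that were always compressed (zip, jpeg) are not flagged.
    Returns (allow, suspects).
    """
    suspects = [p for p in changed_files
                if manifest.get(p, 8.0) < ENTROPY_LIMIT
                and file_entropy(p) > ENTROPY_LIMIT]
    ratio = len(suspects) / len(changed_files) if changed_files else 0.0
    return ratio <= MAX_SUSPECT_RATIO, suspects

def demo():
    """Constructed sample: five text files, then three overwritten with random bytes."""
    with tempfile.TemporaryDirectory() as root:
        paths = [os.path.join(root, f"report{i}.txt") for i in range(5)]
        for p in paths:
            with open(p, "wb") as fh:
                fh.write(b"Quarterly figures, draft for review.\n" * 200)
        manifest = {p: file_entropy(p) for p in paths}
        before = backup_gate(paths, manifest)   # ordinary content: allowed
        for p in paths[:3]:                     # stand-in for encrypted content
            with open(p, "wb") as fh:
                fh.write(os.urandom(8192))
        after = backup_gate(paths, manifest)    # 3 of 5 flipped: run is held
        return before[0], after[0], len(after[1])

if __name__ == "__main__":
    print(demo())
```

A held run should leave the previous offsite copy untouched until someone has reviewed the suspect list. Files that are renamed as well as rewritten fall outside this check, because they appear as new paths with no manifest entry.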
Ransom Virus: You need a robust anti-malware product with a firewall
In principle, you can buy your anti-malware scanner and your firewall separately. These days, however, the performance of combined products is at least as good as the performance of separate products. This means that there’s usually nothing to be gained by buying them separately. In fact, you can actually lose out as combined products tend to be both more cost-effective and easier to install.
Cloud-based products tend to be very much preferable to products you need to install locally. In the context of protecting against ransomware, their main benefit is that they can be updated more quickly and efficiently. This is because updates simply have to be deployed on the server. You don’t have to spend the time downloading and installing them locally or risk them being missed or not installed properly.
This may sound like a small point and on a case-by-case basis, it is. If, however, you consider the frequency with which anti-malware products need to be updated, it’s easy to see how each little benefit can add up to a big difference as time passes.
Cloud-based products also move the storage and processing loads onto the back-end servers rather than the local devices. This will make a big difference to the user experience, especially on lower-specced devices such as mobile devices.
You absolutely must keep your operating system(s) and applications updated
Any device which connects to the internet must use an operating system and applications which are still being supported by their developers. Any updates produced by the developers must be installed promptly (at least if they relate to security). Neither of these points is negotiable, at least, not if you want to protect yourself against malware in general and ransomware in particular. If you need to maintain older devices, for example, to keep using specialist apps, then keep them offline.
If you’re struggling to manage your updates, then you either need to improve your in-house resources or have an IT managed services provider take care of this for you. You might also want to look at your update cycle for mobile devices as it can sometimes be easier to replace these than to keep updating them. You could potentially resell your old devices or donate them rather than just sending them for recycling.
Remote and mobile users should be guided to use secure connections to the company network
Free WiFi may have started as one of life’s conveniences but it now causes all kinds of security issues. If people are likely to need to use it, then they need to go through a VPN. Alternatively, they should stick to paid connections or mobile data.