March 15, 2017

Ransomware knocking at your door?

Ransomware Survival Guide

 

1. Malware Detection and Protection

Antimalware software suites and SaaS is the first layer of your parameter defense. Quality antivirus protection can stop thousands of security threat and attack attempts per day. In a case where an employee inadvertently clicks on a malicious link or downloads a Trojan-containing attachment, a good antivirus will often save a system from full-fledged, system-wide infection. However, in the wake of new strains of ransomware, permeating often at a rates higher than antivirus definitions and signatures can keep up with, the probability that singular infection will succeed is rather high.

 2. Multifaceted Data Protection

A data protection solution provides the ultimate failsafe in a layered defense strategy against ransomware. A data protection solution will automatically and invisibly take snapshots of your data and systems at regular intervals, and store that data in a secure location. Should ransomware successfully penetrate your layered defenses, you can simply ‘turn back the clock’ to a snapshot of your business before the attack happened. No ransom, no downtime, no problem.

Rapid data and system recovery

 3. Awareness and Education

Educate anyone with access to company email, computers, and servers with a user awareness training program aimed to inform about the dangers of social engineering schemes and phishing scams. Teach good security practices about email attachments and stress the importance of diligence. However, even the most educated and well-meaning staff members are not immune to human error. Education, on its own, is not adequate protection.

Ransomware attacks are commonly spread through traditional file syncing, when one user’s infection can spread to others; By using Datto Drive, you can easily roll back to a backup created before the attack.

How to protect yourself against ransomware?

It is imperative to prevent ransomware attacks from happening to you in the first place.

As ransomware techniques and malware are omnipresent and continually evolving – and most anti-malware programs rely on databases of rules and malware definitions to detect it – by the time malware is detected it’s often too late. You should focus on two main aspects in particular:

Prevention

Take preventive approach in the areas of:

  • Robust and current technological prevention measures and controls
  • Invest in state of the art cybersecurity (if you can afford it)
  • Start with an antivirus with active monitoring
  • Multilayered protection: anti-malware and anti-ransomware to thwart advanced malware attacks such as ransomware
  • Raising personnel of awareness: keep your staff informed as most common ways to get infected with ransomware is through social engineering
  • Educate yourself and staff on how to detect phishing campaigns, suspicious websites, and other scams
  • Technical training for employees on dos and don’ts online
  • Finally, stay informed and exercise common sense. If it seems suspect, it likely is.

Develop and implement robust business continuity and disaster recovery plan for your organization

  • Implement multilayered backup solution
  • Intelligent Business Continuity solution
  • Have comprehensive data protection
  • Reliable hybrid backup system
  • Real-time backup and frequently test its effectiveness (restore drills)
  • Cloud storage/backup service with high-level encryption and multiple-factor authentication

Yes, the aforementioned bullets sound a bit like corny tautology, but we can’t stress importance of a comprehensive backup system in place to protect your businesses’ data against ransomware.

While data backup is one of the key pillars of combating ransomware infections there have been cases of ransomware encrypting backups. Therefore, you need a managed backup system like Datto that is capable of malware detection via an automated analysis of the backup images.