Technology

4 ways of preventing loss due to ransomware

Last week, the WannaCry ransomware attack caused at least partial shutdowns of operations at Britain’s National Health Service (NHS) and Spain’s Telefonica, as well as at FedEx here in the US.

Fortunately, 10Pearls was not affected by this ransomware, and our information (as well as the information entrusted to us by our customers and partners) remains safe.

When security incidents like these make the news, I feel it is valuable to touch base with our customers and partners to give an update and offer prevention tips. I’ve put together the following brief on ransomware and how it can be prevented, detected, and remediated. I’ve also included my analysis of what made this instance particularly newsworthy.

Overview

Ransomware attacks use a combination of techniques to attack your system and encrypt your files. The criminals behind these operations hold your information ransom in exchange for an untraceable, anonymous payment. This type of attack has been very successful and financially rewarding, so its frequency continues to increase and accelerate. Even if you make a payment, there is no guarantee you will get your files back. Remember: you’re dealing with criminals.

Prevention

There are four main mechanisms for preventing loss due to ransomware: patching, anti-malware, awareness, and backups.

  • Patching ensures that your system, and all the software running on it, is up to date. Ransomware uses security vulnerabilities to infect your system, so enabling automatic updates, or applying patches as quickly as possible, is the best defense against being infected in the first place.
  • Anti-malware, or anti-virus, is hopefully a key piece of security protection on every individual’s computer. There are free and paid options, but just make sure they are kept up to date to detect the latest variants. Consider newer solutions that include messaging protection.
  • Awareness is critical. People are usually the target, and ransomware criminals use “social engineering”–a fancy term for lying–to trick someone into clicking on links or attachments to spread ransomware. Individuals need to treat everything that comes to them with suspicion. Businesses should not only focus on force-feeding “security awareness training,” but raise awareness by giving individuals a chance to share their concerns and work together on better solutions.
  • Backups are really the last and best defense for ransomware. An offline backup–one that is not accessible directly via a shared or attached drive–will allow you to recover your data after a ransomware attack. Sadly many businesses and individuals have lost a great deal of money, time, and productivity to ransomware due to the lack of backups.

Detection and Response

How do you know when you’ve been subjected to a ransomware attack? Typically, a large banner appears across your screen, alerting you to the fact that your files have been encrypted. If this happens, you should immediately shut down your computer. You should also disconnect it from networks by unplugging network cables or turning off wireless. Organizations may be able to detect and respond to ransomware attacks at the network layer as well. Network-based anti-malware solutions and outbound request filtering can be used to detect ransomware attacks and lessen their impact.

What Made WannaCry Different

Most ransomware spreads through “phishing,” which typically comes in the form of emails that look like something they are not. For example, an email that contains an attachment that says it is a tracking number for an order you placed–which does not line up to an actual order. The user that receives the email believes the email is authentic and opens the link or attachment it provides. In WannaCry’s case, it also spread over networks, using an almost two-month-old flaw in Windows operating systems. In this way, it spread without user interaction and attacked a relatively recent vulnerability. This vulnerability was significant enough that Microsoft took the unusual action of providing patches for systems with expired support periods, including Windows XP and Server 2003.

Final Thoughts

Ransomware is making criminals rich. Untraceable currencies such as bitcoin have limited the risk that these criminals have in profiting from their activity. As a result, ransomware attacks will continue to accelerate, and the attacks themselves will become more complex.

Act quickly and make sure you and your organization are active in your prevention efforts–including patching, anti-malware, awareness, and backups–before it is too late. Businesses should also consider looking into cyber insurance, or at least review their policies. A policy with the right protection can cover not only for the loss of data but the business interruption due to a ransomware event.

10Pearls has helped reduce risks related to information security for numerous businesses. We would be happy to speak to you about your challenges and help protect you from potential breaches. Please feel free to contact us.

The story originally appeared here.

Sponsored
Peter Hesse

Share
Published by
Peter Hesse

Recent Posts

Garena Free Fire India Launch Rumors: What Fans Need to Know

Reports suggest that Garena Free Fire is set to make a much-anticipated return to India.…

16 hours ago

Albania Bans TikTok for One Year: Here’s the Reason!

The Albanian government has announced a ban on the social media platform TikTok for a…

20 hours ago

Google Pixel 9 Pro vs. 8 Pro: Biggest Upgrades Compared

The launch of Google’s latest Pixel lineup brings an exciting chance to compare the new…

21 hours ago

Azad Kashmir to Host Pakistan’s First Women-Centric Software Technology Park

ISLAMABAD: In February next year, Pakistan is set to launch its first women-focused software technology…

22 hours ago

HEC Reveals Law Admission Test Date for LLB Students

The Law Admission Test (LAT) has been announced by the Higher Education Commission (HEC) of…

23 hours ago

Meta’s WhatsApp to Release New Playback Speed Feature for Videos

Meta's WhatsApp is rolling out a new playback speed feature, allowing users to adjust video…

1 day ago