Monday, May 15, 2017

Ransomware SUCKS - Here are some things you can do...

By now (unless you are living under a rock) you have heard about the terrible WannaCry ransomware attacks infecting computers across the planet. Seemingly, no business type is spared, and the malware isn’t just going after businesses – lots of individuals are being infected as well.

So here is a bit of info about the attack, and what individuals and businesses can do to prevent it:

What is it:  

Ransomware is software created by cyber criminals to encrypt the files on your computer, thus blocking the user from being able to use the computer without paying a fee (ransom), usually in untraceable Bitcoin or in gift cards such as Amazon and iTunes.

In this latest iteration of ransomware, the bad guys used an exploit that was discovered and released as part of an information leak from the NSA, one that attacks a specific communications system on Windows computers. Microsoft released a patch for this in March 2017 to address the issue (MS17-010), but those without the patch are very much at risk of getting the malware on their computers.

What can individuals do:

Individuals should consider the following with regard to protecting their computer:

Windows Update: Make certain that Windows Update is set to automatically download and install any critical updates. Windows Update is generally located in your Control Panel, but may be in a different location depending on the version of Windows that you are running.

Install Anti-virus: While certainly not a catch-everything solution, find a good anti-virus program for your computer. There are lots of options out there – if you have high-speed Internet, there is likely a free download from your Internet provider as part of your Internet service. Check their websites for more information about downloading and installing this free AV software. If you do not have high-speed Internet, there are still free options available. AVG and several other companies offer very good and fast anti-virus software for your computer. There is really no excuse NOT to have anti-virus software on your computer any longer, and it can act as a first line of defense to protect you from the bad guys.

Regular Backups: If you become infected, the only way to get your files back (without paying the ransom) is to restore from a backup of your files. You can back up your data to the cloud – there are lots of very inexpensive services out there that can do this for you. Or you can do it yourself and back up to an external hard drive – again, very inexpensive drives are available and easy to use. They can be found pretty much anywhere (Amazon, Wal-Mart, even Sam’s Club had them on sale this past weekend). Those pictures that you took over the weekend for Mother’s Day cannot ever be replaced, so invest some time and effort in a good backup solution.

Be Aware of What You Click: Lastly, nothing mentioned above will protect you from everything the bad guys can throw at you. You should be mindful about the websites you visit, the emails you open, and the applications you install. If you do not know the source of an email or application, DO NOT OPEN IT! If you don’t know if the website is reputable, it is probably not the best site to visit. Be smart about the things you see and do on your computer – a little common sense will save you from these kinds of nasty viruses.

What IT Pros should do: 

In addition to everything listed above (which I would certainly hope is already happening in your organization), consider implementing technology that helps segment your networks, making malware such as WannaCry less invasive. Cyxtera CISO Leo Taddeo presented the Software-Defined Perimeter as a viable solution / technology to combat these kinds of threats. You can see his CNBC interview here:

Firewalls and VPNs are decades-old technology, and the bad guys create their viruses to take advantage of these antiquated technologies. A software-defined perimeter creates an individualized network, specific to the resources authorized for a specific user. In addition to dynamic condition checking, it is designed to contain a user to only the places that they are authorized to go, thus protecting a majority of your company’s resources.

You will hear more about solutions to defend your computers and network in the coming days and weeks from every security / technology pundit out there (likely me included). Regardless of the solutions that you choose to augment your security and networks, make certain that it is one that is on the cutting edge of today’s technology, with a strong vision of how to deal with the emerging threats of the future.  

