5 steps to help prevent the dreaded Ransomware virus

Pinchinthorpe Hall

Neil Sotheby, Giraffe

Neil Sotheby, systems administrator with Giraffe Connected Solutions Limited, tells you how you can protect your business from potentially devastating threats such as the CryptoLocker virus…

“Ransomware” is latest kind of malware striking fear into the hearts of business and private individuals alike.

Such viruses mainly target computers running Microsoft Windows and were first detected on the Internet on September 5 2013. CryptoLocker, one of the most common, is spread via infected email attachments and through an existing botnet, a collection of “hacked” devices controlled by viruses.

Once activated, the malware encrypts certain files stored on both local and network drives. The malware displays a message offering to decrypt the data if an untraceable payment (through either bitcoin or a pre-paid cash voucher) is made by a stated deadline. It then threatens to delete the means to decrypt if the deadline passes. The ransom increases until this cut-off point is reached, when decryption becomes impossible.

Scared yet? Here are five steps you can take to significantly improve your chances of evading such attacks…

1. Carry out daily backups: This is by far the most important advice on our list. Even if the virus hits you after you’ve taken the steps below, daily backups will provide you with a way to recover your precious data. Remember that backup devices must not be left connected to your computers. If they are, the virus could also infect the backup – and an encrypted backup is a useless backup.

2. Keep your antivirus software current: An up-to-date antivirus system is key to blocking attacks or at least flagging up potential threats (such as suspicious Word documents or dangerous external storage devices). We can’t overemphasise how crucial antivirus is to any company’s defence strategy or even to a single PC.

3. Introduce file access restrictions: Restricting access to files or folders will limit the potential for damage to the wider organisation. For example, if CryptoLocker strikes a PC that has full access to shared drives on a company’s servers, they will all be infected. It’s a good idea to limit access to shared files and folders where possible, so that only those users who need them have access. More advanced methods can be used to restrict access so that only authorised programs can access files.

4. Ensure you have a robust mail filtering system in place: This is a great asset to any business. All day, every day, it will block spam emails and viruses, limiting the opportunity for an employee to inadvertently open an attachment and invite a virus into your systems. A massive 80% of mail processed by Giraffe’s mail filter is either spam or viruses. That shows the enormous volume of unwanted emails swilling around the Internet every day.

5. Train your staff to spot the danger signs: Ensuring that your staff are up to date with current risks and having adequate procedures and IT policies in place is paramount to killing viruses at source. For example, if a member of staff or customer brings in an external device, employees should understand the need to be extra vigilant and scan the device with antivirus software. If an unfamiliar email arrives, they should automatically check the attachment with antivirus software or on a useful site such as virustotal.com before opening it. Either of these approaches will tell them whether the attachment is safe to open. But the mantra should be that if you’re still not 100% sure of an email, attachment or USB device, don’t open it!

Routinely following the above steps will go a long way towards protecting your company. If you don’t follow such advice and ended up getting infected, downtime and loss of work is the best-case scenario you can expect. At worst the virus could permanently delete ALL your data and leave your business in ruins. Be thorough and never doubt that there are people out there actively targeting companies like yours with this kind of attack.

Based at Stockton’s Fusion Hive, near the Millennium Bridge on North Shore Road, Giraffe provide IT support for businesses of all sizes, including contracts, one-off projects and consultation. Clients include organisations and businesses in the charities, legal, financial services, telecoms, manufacturing and retail sectors.


Be the first to comment

Leave a Reply