Ransomware – Simple Steps to Prevent
Whether you are an individual or a business, you are a ransomware target. Ransomware is defined as the outcome of a malware infection that leads to the unwanted encryption of data. The only way to decrypt the data is through paying the attackers. In recent instances, the attackers have also threatened to expose confidential information they obtained, as leverage to extract the ransomware payment.
Key ways to prevent an attack include the following:
- Patch all software as soon as possible (including operating systems and applications)
- Educate users not to click on links
- Have anti-virus and anti-malware software in place and up to date
- Back up all critical systems and data
- Validate that the backup can be used to recover data to the latest “good” state
- Restrict administrative privileges as much as possible
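One way to carry out the backup validation from the list above, as an added example that is not part of the original article. It assumes backups are tar archives, each with a SHA-256 manifest recorded at backup time; the function names, file names and sample data are constructed for illustration.

```python
import hashlib
import tarfile
import tempfile
from pathlib import Path

# Leading bytes expected for a few file types (extend for your own data).
MAGIC = {".pdf": b"%PDF", ".png": b"\x89PNG", ".zip": b"PK\x03\x04"}

def verify_backup(archive, manifest):
    """Restore archive to a scratch directory and return a list of problems."""
    problems = []
    # Use the safe extraction filter where this Python version provides it.
    kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tempfile.TemporaryDirectory() as scratch:
        try:
            with tarfile.open(archive) as tar:
                tar.extractall(scratch, **kwargs)
        except (tarfile.TarError, OSError) as exc:
            return [f"restore failed: {exc}"]
        for rel, expected in manifest.items():
            restored = Path(scratch) / rel
            if not restored.is_file():
                problems.append(f"missing: {rel}")
                continue
            data = restored.read_bytes()
            if hashlib.sha256(data).hexdigest() != expected:
                problems.append(f"hash mismatch: {rel}")
            if not data.startswith(MAGIC.get(restored.suffix.lower(), b"")):
                problems.append(f"not a valid {restored.suffix} file: {rel}")
    return problems

def latest_good(backups):
    """backups is ordered oldest to newest; return the newest that verifies, or None."""
    good = (a for a, m in reversed(backups) if not verify_backup(a, m))
    return next(good, None)

def build_demo(workdir):
    """Constructed sample: a clean backup, then one taken after files were encrypted."""
    backups = []
    samples = [("mon", b"%PDF-1.7 constructed report"), ("tue", b"\x9c\x11\xf0\x3a" * 16)]
    for name, content in samples:
        src = Path(workdir) / f"{name}-report.pdf"
        src.write_bytes(content)
        archive = Path(workdir) / f"{name}.tar"
        with tarfile.open(archive, "w") as tar:
            tar.add(src, arcname="report.pdf")
        backups.append((archive, {"report.pdf": hashlib.sha256(content).hexdigest()}))
    return backups
```

In the sample, the newer backup passes the hash check because its manifest was recorded after the file was already encrypted; only the file-signature check shows it is not a "good" state.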
If you are a victim, there are steps you can perform to try to negate the damage. The key steps include:
- Remove the infected device from the network to prevent the infection from spreading to other data stores
- If a backup of the system exists, restore the system from the backup (be careful that the malware is not included in this backup)
- Recreate the lost endpoint/files
- If a backup does not exist, it is a business decision whether to pay the ransom and obtain the decryption key or to reject the demand and rebuild the system. Paying the ransom does not guarantee you will receive the decryption key
By Don Cornish
Don Cornish is the Chief Information Security Officer for Dewpoint. He has an extensive background in IT security architecture and consulting based on his experience for a leading national and global organization. Don has security and compliance consulting experience addressing multinational business entities as well as the small to medium business segments. In addition, he is a Certified Information Systems Security Professional (CISSP).