8 Steps to Avoid Ransomware!

Most people using the internet think there is no threat out there to worry about.  

We all seem to have one of three attitudes, 

• I am too small to be a target, 
• It will not happen to me or 
• I have nothing worth stealing.

So if these three attitudes are perpetrated by internet users, how come ransom ware is so effective.

Ransom ware is the new go to tactic for cyber criminals. It works on every platform - yes including apple. It works on every browser.  

If it gets through your flimsy defences, and most peoples personal defences are flimsy, then it will work. 

If and when you get infected with a piece of cryptolocker malware (ransom ware) you suddenly realise that you are no longer too small to be a target, you definitely have something worth stealing and you are definitely finding out, the hard way, that it can happen to you.

"If all of my information was lost what would I do", is a dilemma that we see regularly with the cryptovirus.  

No access to files, folders, personal information = huge problem.

I hope it would be a problem.

The newest versions of cryptolocker, has the ability to not only encrypt personal information like previous versions, but it can also encrypt your backups, drop box, google storage or one drive.  

The cyber criminals and their attacks are also getting smarter and more devastating. The 'it will not happen to me' crowd are the people they target regularly.

In fact the cyber criminals have made so much money from cryptolocker that sometimes they use your infection in marketing and give you the unlock key for free. Talk about Russian Roulette!

Do you still think you are safe?

There is a fine line between paranoid, awareness and not giving a damn, but in today's world if you are not a little bit paranoid and increasing your awareness at every availability then there is definitely problems ahead.

So what can you do about it?

To most people, understanding prevention is difficult. 

Here are 8 ways to minimize the risk, prevent infection and yes they cost some money:

Back it up

The first thing you need is a good off line back up. A 'good' backup does a regular backup of your important data. I recommend shadowprotect but there are others available.

How do you classify important data, you have to define that and every person and organisation is different. Once you have that done. Then you back it up.

A good backup system also does a number of other things. If your information is critical the regularity of the backup is also crucial. Backing up important information every 15 minutes during working hours, to an off site server / location is an important first step. In the event of something happening, malicious or accidental, you only loose a maximum of 30 minutes of information.

This is an expensive investment, but it is critical.

That is for computers, don't forget about smart devices, tablets and phones. They also need to be backed up regularly.

Get a decent firewall!

If your protection and connection to the internet is coming from a device that was delivered to you when you opened your internet account then you need to change it - now. Most systems that are available from ISP's and retail shops are useless.  

In today's rarefied digital world you need decent protection and that can only be delivered by systems that are designed to protect you.  

Systems that have intrusion detection, second / next generation firewalls, VPN end points, SPAM filtering and anti virus. These systems will cost more that $500 and are supplied by security manufacturers like Cisco, Fortinet, Palo Alto, Juniper and watchguard.

This is also one of your most important investments.

Patch it all

We have all seen it. Microsoft, apple and android get pretty persistent when they have updates to apply. The reason they are persistent is because they know that there is malware and virus out in the wild that are designed to target holes in their products. These holes are filled by the update process.

Don't forget that you also need patch browsers and plug ins, websites and high end applications like SQL and exchange as well as all of those apps you have on your smart device.

Force complex, unique and lengthy passwords

If you are using passwords that are less than 8 characters - you have a problem. If you have users using dictionary words - you have a problem. If your users are accessing your critical business systems using first names and initials - you guessed it - you have a problem.

Passwords are our passport to the digital world and like a passport they have to be secure.  

There are numerous ways to create complex passwords but my advice is - they have to be complex (using numbers, letters, capitals and symbols), they have to be unique (different for every site you visit), they have to be more that 8 characters (more than 10 is better) and they have to be easy to remember.

Use a good anti virus!

Anti virus is old technology. If you are paying for it, I suggest you stop. Not stop using it but stop buying it. Most anti virus systems will not pick up new malware, especially cryptolocker, but they will pick up older malware.

This makes them important, but the free versions (especially forticlient) are better at catching viruses than something you pay for.

Enforce an internet / digital policy

Get a policy for internet access and enforce it. The good thing about a policy, if you already have a decent firewall then you can use technology to enforce your polcy. It can also define free WiFi, BYOD, expectations and what happens when protection is not though through.

A policy is designed to give both parties an understanding of expectation and enforcement. Use it.

Invest in a business security education program

Every organisation has an on boarding process for new staff members, an induction system that talks about HR, money, roles, job descriptions and the like.  

There are very few organisations that have an induction process for business security. A simple 15 - 30 minute video on digital security would lift the business from low hanging fruit to the next level. Lets face it no one wants to be low hanging fruit!

Get cyber insurance

After all of the above, we can still be hacked. But if you have not done it then there is a good chance that your insurance policy will highlight the small print and not pay out.

Cybersecurity is reactive. We can be proactive to a level but we are always reacting to new threats and attack vectors. That is why you need an insurance policy. To make a claim you have to have all of the above components in place, functioning correctly and audited regularly.

There are other things that you also need to do. Trust No One, get Paranoid and use common sense. All of which give you a healthy dose of reality

But if it has already happened.

You have 3 options:

Hope the variation you have has had the encryption keys exposed

There are a number of the earlier ransom ware variations around that have had their encryption keys exposed. you can do a search to see if they are available of you can go to kaspersky.com and see if they have an unlock process for the variation that you have.

Restore from backup

A good backup is the best thing you can have. It doesn't matter if the problem comes from a failed hard drive, cryptolocker or you have dropped your phone in the toilet. No matter what happens a good backup will save you.

Pay the ransom.

As far as this is concerned I seriously do not recommend that you pay the ransom. But if all else has failed then it is the only way for you to recover your information then you may have to do it. If you do think about paying the ransom then there is always the chance of actually bartering to reduce the costs.

If you do pay the ransom, decrypt your information then rebuild everything!

The malware has hidden components that will encrypt the information later on. When this happens it is more expensive (10x) and in addition you will have all of the information that has been created since the last episode encrypted as well.

When it comes to the ransom ware problem - prevention will save you a lot of heartache.