How To Secure Your Network From Ransomware.

If you have been watching the news lately you might have heard about ransomware. As you may already know ransomware is a type of virus that encrypts your files and asks for a ransom ranging from $300 USD to $1500 USD (most common versions) and up to $18,000 in some cases paid in BitCoin (1 BTC = $2596.40 USD at the time I published this article). Some newer versions are designed to be smarter and to encrypt more file types causing more harm to your business. They also rename the files making it very hard to recover your files. WannaCry is a version of ransomware that infected hundreds of thousands of computers last May utilizing a Windows exploit to sneak in. A new ransomware version named GoldenEye (click on the link to read the article dated June 28th) is using the same exploit and has caused serious damage.

The attacks started in Russia and Ukraine and are finding it’s way to North America. This version uses an exploit that we have already patched on our client’s computers. Other versions use attachments as a means of infection and distribution. Do not open any attachments that end with .zip, .rar, .exe, or .bat even if it is from a known contact. Word and Excel files may also carry a virus in the form of a Macro. If you open a Word or Excel document and see it is a blank document close the document, unplug the computer from the network, and start a virus scan.

Infections from such threats can be avoided by:

1. Spread user awareness and education about ransomware and how it spreads. Forwarding this article or sharing it is a good start.
2. Install a network-level firewall with advanced malware protection and content filtering.
3. Install a centrally managed antivirus and update periodically.
4. Perform periodic maintenance on computers and servers.
5. Have a strong disaster recovery plan and test it periodically.

Be very careful as ransomware versions are getting smarter causing more damage with every new version. We encourage you to replace your router with a business-level firewall with advanced malware protection and content filtering such as Meraki products.

Notable quotes

• Ukraine: “As a result of these cyber attacks these banks are having difficulties with client services and carrying out banking operations,” the central bank said in a statement.”
• Russia: “Russia’s Rosneft, one of the world’s biggest crude producers by volume, said its systems had suffered “serious consequences” from the attack. It said it avoided any impact on oil production by switching to backup systems.”
• BitDefender: “There is no workaround to help victims retrieve the decryption keys from the computer”