In my first blog post published two weeks ago, I discussed the nature of ransomware, what it is, why it matters, and what the future of ransomware may hold.
In this post, I’ll discuss some tips to help you protect your system.
How To Stop Ransomware
Now that we know what ransomware is, what we need to know next is: how do we stop it?
There are several things that you can do in order to stop ransomware. Some of them require a degree of technical skill, and others are based around understanding where the threat comes from and taking necessary precautions. What is important to note is that stopping ransomware is a multi-layered approach.
When the WannaCry virus hit, it affected older versions of Windows (primarily Windows 7). Several months earlier, Microsoft issued a patch that fixed the weakness that WannaCry exploited, which means that anyone who was running a fully patched version of Windows was not at risk.
Patching is a very effective way of having protection against ransomware and other viruses. Patching is also a very easy thing to do, and you should do it on a weekly basis to ensure you’re current and not leaving yourself open to the next WannaCry.
It’s also important to have a business-grade, anti-virus solution in place that can handle all manner of malware that comes in and lets you manage everything on a server level rather than on each individual machine.
There are lots of solutions to choose from, many of them good. I won’t get into all of the different solutions here (that’s another post), but make sure you choose one, good solution and only one. “The more the merrier” doesn’t work with anti-virus. If you run multiple anti-virus solutions at once, they will not only add extra stress to your system, but also may identify each other as viruses and corrupt files or cause other errors.
Ransomware and other viruses must come from somewhere, and very frequently it’s by downloading them. No one would purposely download a virus, but viruses are often hidden and meant to look like legitimate downloads.
One of the main sources for illegitimate downloads is spam. Most people can detect most spam and delete it before they click on something they shouldn’t. Sometimes, however, it’s not so clear-cut and may even look legitimate at first glance – like an invoice from Microsoft or a resume from a prospective new hire. But when you click on the attachment, it’s too late: the ransomware is already in your system.
As such, you need a business-grade, anti-spam solution that cannot only filter out the harmful emails, but also give you a place to check the emails that you think may or may not be safe, so they aren’t opened on your network, but in a “safe container” elsewhere.
Part of spam control is having good practices in place to ensure your employees know what to do if they receive malicious spam, which should go beyond just knowing to delete spam before opening it. In addition to pam other potential sources that your employees need to be educated about are potentially malicious links on websites, downloading files from the internet, accessing public Wi-Fi, and using USB sticks from unknown sources.
Want to learn more?
Sign up for my upcoming webinar: How to protect you and your organization from ransomware
When: Tuesday, Feb. 20
Time: 1 p.m. CST
Hosted By: Paul Shea, Business Development Manager
To Sign Up: Register here
Ransomware attacks are causing untold damage to individuals and organizations of all sizes – and they show no sign of slowing down.
If you’re interested in having greater insight into ransomware and understanding how to protect you and your organization, sign up for this webinar
We’ll answer the questions:
- What is ransomware?
- How can you prevent it?
- How can you get rid of it, if you’ve been infected by ransomware?
There will be an opportunity to ask questions during the presentation.
See you there!
About Paul Shea
Paul Shea is the Business Development Manager at 365 Technologies. He helps educate our clients on securing their computer and network systems. You can contact him at paul@365Tech.ca with any questions you have regarding IT support or ransomware.