Tag: virus scans

Protecting Your Network from Ransomware

Protecting Your Network from Ransomware

What is Ransomware?

Ransomware is malware that holds the victim’s data ransom by preventing access to the computer by locking the desktop or by encrypting the user’s files where they cannot be read. The malware then displays a ransom note, possibly pretending to be from federal or local law enforcement of some sort.

The ransom note may even claim that the computer was used to look at illegal websites, videos, or images and will try to frighten the victim into paying up by threatening to bring them to court.

As we quickly approach 2016, researchers at Fox IT have successfully identified the “Big 3” Ransomware families, whose members have generated huge income in 2015:

  • CryptoWall
  • CTB-Locker
  • TorrentLocker

What are the Basic traits of Ransomware?

Although each ransomware variant is unique, they still work in similar ways. There are generic traits seen with these behaviors.

File-system behavior

Most ransomware will place payment instruction files in the directory of the files that it’s going to encrypt. These files are usually in the form of a text, image and/or URL. It may even include a popup window notifying the user that his files are being held ransom and require a ransom.

Network behavior

Ransomware will encrypt files on drives that are network mapped on the computer as a side effect. This can affect an entire business that relies on network shares for their data, potentially spreading from one computer, to the server, to all other computers that access that server. Having a proper backup solution in place may be the only solution to protecting your data.
As we find encrypted files on a network share, we can use that to determine which user was initially infected with the ransomware by checking the creator of the instruction files on the share. This tells us which computer to disconnect from the network. The goal is to disconnect the infected user as quickly as possible from the network to prevent any further damage.

So where did the Ransomware come from?

One method for installing ransomware is through certain websites. These may be malicious websites, set up by criminals for the sole purpose of infecting website visitors, or they may be legitimate websites that have been compromised by infected advertisements or links by the criminals and used to spread malware.
Another way ransomware can install on your computer is through the opening of email attachments in SPAM or infected emails. These malicious emails may have what looks like regular files attached, but once you open them, your computer is at risk of becoming infected with malware. You may not even see it happening.

Ransomware on Mobil Devices

Ransomware for mobile devices is becoming more common and now have the ability to lock your smartphone or tablet or even encrypt the files stored on these devices. Criminals have learned that we are more dependent upon our phones and tablets than ever before. In some instances, they are more frequently used than our computers, explaining the increase in “mobile malware”.

Follow these tips to stay protected from ransomware.

  • Make sure you have a quality, antivirus program installed on your network, and that it continues to be updated on a regular basis. This also includes installing a reputable security app on your phone and tablets.
  • Keep the operating system and all software on your computers & servers up-to-date by installing the latest security patches and updates.
  • Consider adding a mail-filtering service that not only protects your email from SPAM, but also adds manageability and virus protection. Some services, such as MailWatch from CMS, will continue to spool your email when your connectivity is down, protecting you from lost emails.
  • Avoid downloading software or mobile apps not necessary to your work and only download from trusted sources.
  • Most importantly, Backup! For your network, have a data backup solution in place that protects your critical data on your network so that if anything does happen, you have an untainted backup source to retrieve from and restore to your network. And don’t forget to back up your mobile device to a reliable cloud source that you can retrieve from and restore.
The Value of Managed IT Services

The Value of Managed IT Services

So, What is “Managed IT Services”?

We like to call it…your virtual IT department.  Imagine staffing an entire company just to be your IT support, but not having to worry about training, employees calling in sick, or any other issues with an in-house staff.  Managed IT services means that you have access to an entire technology company when you need it, staff who is watching and proactively protecting your business data and network.

Here’s How Your Business Can Benefit from Managed Services.

Remote Support – Most managed services providers will offer some type of remote support. Here’s your scenario….

It’s the end of the month and Sally comes to work to get payroll done. She turns on her computer first thing in the morning, opens an email attachment from a “customer”, and sees an alarming pop-up on her screen, warning her that her PC has been infected and to immediately click below to fix her computer.

Instead of clicking, Sally places a quick call to her IT support help desk so that her managed services support can gain remote access to her PC and verify that the popup is indeed part of the virus.  Being trained and familiar with this type of malware, they then properly remove any traces of the malware without the PC getting completely infected and Sally is able to go back to work.

If caught quickly before anything else was loaded into the PC, this call may have only taken 15-30 minutes of her time. Now, there are instances where things are worse and it does take longer, but Sally’s issue was resolved without having to schedule an engineer to come out on-site, saving both money and time. After all, productivity in a business is what really matters.

Scheduling Priority – So what if Sally’s PC was already infected beforehand. This may prevent IT staff from gaining remote access to her PC, because unfortunately, that is what malware does. Your IT company may offer their managed services customers a scheduling priority. Basically, your emergencies take priority over other minor IT calls from customers who may not subscribe to managed services.

Proactive Network Management – aka…”Stopping threats before they happen.”

Monitoring software can help manage your network, notifying staff when your server is no longer connected to the internet or your business network.  They can also receive status updates on possible hardware failures, keeping your network running and preventing problems before they happen.

Let’s not forget to include email services that not only block SPAM, but blocks malicious programs that may try to enter your network through a email link or fake attachment.  What if Sally’s virus-infected fake email was blocked before entering her email client?  She would have never seen the threat.

Management of your network security through your firewalls, routers, and even your antivirus software can prevent threats from ever entering the playing field as well.

Other benefits of managed services can include:

  • Disaster recovery planning & data backup management
  • 3rd Party vendor management & assistance
  • Software updates and Microsoft patch management
  • and more depending upon your IT company’s profile

How many people would you have to staff to take care of everything mentioned above?  

Don’t forget, along with salaries, there’s employee benefits to include. And the larger your company network is, the larger your IT staff would need to be to properly secure it.  So just maybe using a Managed IT services provider is what your business needs. And if you’re not sure, find a local IT company like CMS IP Technologies that is willing to do a free evaluation of your network.