Call 01933 426162 or email info@dufeu-it.co.uk

Ransomware Protection

 

Cybercrime is on the rise and in 2016, incidents became commonplace. There is a good possibility it has already affected your business, halting production and bringing your offices and manufacturing facility to a standstill.

 

For today’s companies, falling victim to one of these attacks is no longer a question of “if” but “when.”

 

So what are the main threats and what can you do to combat them?

 

This guide contains practical advice and easy tips for training employees on cybersecurity and industry best practices with real-world examples. We also outline the essential solutions, designed to help today’s businesses defend against and recover from a cybersecurity incident.

The Big One: Ransomware

Ransomware is malware for ‘data kidnapping’, an exploit in which the attacker encrypts the victim’s data rendering it inaccessible and demands payment for the decryption key. The malware has the ability to encrypt data across a computer network, attacking servers that the victim accesses data from and rendering them inaccessible, not just to the victim but anyone on the network.

 

How Ransomware is Spread

Email is the most common method for distributing ransomware. It is generally spread using some form of social engineering; victims are tricked into downloading an e-mail attachment or clicking a link. Fake email messages might appear to be a note from a friend or colleague asking a user to check out an attached file, for example. Or, email might come from a trusted institution (such as a bank) asking you to perform a routine task. Sometimes, ransomware uses scare tactics such as claiming that the computer has been used for illegal activities to coerce victims. Once the user takes action, the malware installs itself on the system and begins encrypting files. It can happen in the blink of an eye with a single click and is not normally noticeable until an attempt is made to access data on the victims’ computer or network server.

Ransomware By the Numbers

 

In a study by the security company Malwarebytes that surveyed 540 UK companies, they found the following results:

  • 54% of companies were hit by ransomware
  • 58% paid the ransom fee
  • 28% lost business critical data
  • 63% experienced severe business downtime

Must–Have Solutions for Cyber Protection: Layered Security

Antivirus Software

Cybersecurity technology starts with antivirus software. Antivirus, as its name implies, is designed to detect, block, and remove viruses and malware. Modern antivirus software can help protect against ransomware, key loggers, backdoors, rootkits, trojan horses, worms, adware, and spyware. Some products are designed to detect other threats, such as malicious URLs, phishing attacks, social engineering techniques, identity theft, and distributed denial of service (DDoS) attacks.

Access control

Restrict access to your system to users and sources you trust. Each user must have and use their own username and password. Each user should use an account that has permissions appropriate to the job they are carrying out at the time. You should also only use administrator accounts when strictly necessary, for example for installing known and trusted software.

Password Policies

A brute force password attack is a common method of attack, perhaps even by casual users trying to access your Wi-Fi so you need to enforce strong passwords, limit the number of failed login attempts and enforce regular password changes and complexity. Passwords or other access should be cancelled immediately if a staff member leaves the organisation or is absent for long periods.

Firewalls

A network firewall is essential. Firewalls are designed to monitor incoming and outgoing network traffic based on a set of configurable rules—separating your secure internal network from the Internet, which is not considered secure. Firewalls are typically deployed as an appliance on your network and in many cases offer additional functionality, such as virtual private network (VPN) for remote workers.

Patch Management

Patch management is an important consideration as well. Cyber criminals design their attacks around vulnerabilities in popular software products such as Microsoft Office or Adobe Flash Player. As vulnerabilities are exploited, software vendors issue updates to address them. As such, using outdated versions of software products can expose your business to security risks.

Anti-Spam

As most cyber threats are now delivered via email it is critical that you adopt a cloud based Anti-Spam product in order to remove threats before they hit your organisation, spam filters built into anti-virus no longer cut it as they work after the email has landed in your inbox.  An Anti-Spam product that offers advanced threat protection such as re-writing URL’s in emails and scanning attachments offline before delivering them to the end user.  Office 365 is not exempt from attack and therefore a third party spam filter should be used in conjunction with it.

User Awareness Training

 

According to over 1,000 IT service providers, the lack of cybersecurity awareness amongst employees is a leading cause of successful ransomware attacks against an SMB. That being said, employee training is a top component of a successful cybersecurity protection program ensuring all staff understand the cyber threats they face and, most importantly, what they should look for in order to avoid falling victim to them.

 

The weakest link in the defence against cyber-attack is always the ‘human firewall’, this will not improve without proper education, which can’t come until you train your employees.

We offer user awareness training packages which will help your business lower the risk of a cyber-attack by teaching your employees the following:

  • What is a cyber-attack?
  • What is social engineering?
  • What are the most common forms of cyber attack?
  • How do I identify a phishing attack?
  • What are the most common forms of phishing attack?
  • What should I do if I suspect I have opened a virus?
  • Cyber protection best practices

Phishing Simulation

 

Phishing is the leading tactic leveraged by today’s ransomware hackers, typically delivered in the form of an email, chat, web ad or website designed to impersonate a real system and organization. Often crafted to deliver a sense of urgency and importance, the message within these emails often appears to be from the government or a major corporation and can include logos and branding.

 

Phishing Simulation allows us to deliver a number of safe yet disguised emails to your employees in an attempt to discover how susceptible your business may be to a cyber-attack through lack of employee awareness.  The mail benefits to performing a phishing simulation are:

 

  • Identify the issues – Is it an internal awareness problem, a problem with first line defence technology, internal policy issues or the lack of an incident response plan?
  • It increases specific awareness of the phishing and spear phishing threat. When workers fall for a simulated attack, they become more aware of the real threat and more receptive to the message from IT security.
  • It provides security training metrics. Simulated attacks allow you to track the effectiveness of your security training over time and to target the areas or people that most need additional training.
  • It helps to focus both the company and the security staff on user behavior and how to turn that weak link into a strength. People can be a weak link in the security chain when it comes to social engineering attacks. Running simulated attacks can help you develop a balance between spending on technology and spending on security training.
  • Allows for continued learning over long periods of time through randomised scheduling.
  • Gives increased awareness over different forms of phishing such as spear phishing, whaling, spoofing and baiting.

 

For maximum effectiveness phishing simulation should be combined with a user awareness training program.

Backup and Recovery

 

The #1 Solution for Cybersecurity Protection:

 

Taking frequent backups of all data considered critical to your business is vital.  The exact frequency of backups will vary based on your business’ specific needs.  Traditionally, most businesses took a daily backup, and for some businesses this may still be suitable. However, today’s backup products are designed to make incremental copies of data throughout the day to minimize data loss.

 

When it comes to protecting against cyber-attacks, solutions that back up regularly allow you to restore data to a point in time before the breach occurred without losing all of the data created since the previous night’s backup.  In a busy business environment, it is recommended (and very possible) to back up your data every 15 minutes by using the correct product.

 

Given our years of experience with malware and cyber-attacks the one single way you can guarantee that your business is protected and recoverable is by having a fully managed and working backup solution.

 

Some data protection products can take image-based backups that are stored in a virtual machine format—essentially a snapshot of the data, applications, and operating system. This allows users to run applications from the backup copy. This functionality is typically referred to as instant recovery or recovery-in-place, it provides business continuity and is perfect for an ‘always on’ business environment.

Cyber Essentials

 

How do you know you are following cyber security industry best practices and have helped mitigate risk to your business?

 

In 2014 the government released a scheme called Cyber Essentials (www.gov.uk/government/publications/cyber-essentials-scheme-overview). The Cyber Essentials scheme provides businesses small and large with clarity on good basic cyber security practice and the ability for businesses to earn a certification through following these best practices and implementing controlled security measures where possible.

 

By focusing on basic cyber hygiene, your company will be better protected from the most common cyber threats. To properly secure your business and become Cyber Essentials certified contact Dufeu It Solutions Ltd, pricing starts from £300.00.