PROTECT YOUR BUSINESS FROM RANSOMEWARE – Some Facts and best practices!

The news broke on Friday of a massive ransomware attack on the UK NHS and the attack has now impacted up to 200,000 organizations in 150 countries. As such, we have received many emails and phone calls asking if “we are protected” and “what can we do to prevent an attack” since the news broke. Well, the reality is that you CANT prevent the attack from TRYING to occur and if you are unlucky enough to be attacked and compromised, there is not much you can do to recover your data UNLESS you have good backups.

Let me explain this in simpler terms: MOST security measures are reactive – not proactive. Think of getting a flu shot – this prevents KNOWN diseases from attacking you (in most people) it does not mean you will never get sick or that a new strain will infect you. Its an ounce of prevention but no guarantee. The attack vector USUALLY is an email you open or a web site you visit. Just reading the email can instantly infect your systems. The attack is invasive and will search out your servers and other systems thereby locking ALL you data – hence why we DO NOT recommend locally connected hard drives for backup – we have seen too many times after we remove the infection the systems be re-infected by these devices.

Now back to your protections, most of us will not spend the money to change our routers and firewalls to “better” units. Think right now would you:

A. Spend $1500 for a new router that will not prevent an attack but provide better protection? If you say YES than i will make sure you have piece of mind – I have them in stock now and have installed them in a few customers already.

B. Will you spend $50 more month for for a “better” antivirus” that’s managed  and provides additional protections?

I strongly suggest you think about these 2 options if you business data is critical.

Steps you can take to mitigate ransom where attacks:

1. DO NOT USE AOL, Yahoo, Gmail or any other free mail service – We cannot stress this enough – those services are hacked regularly and are not secured. They are not business services – Call us and we can switch you over to our secured Microsoft Exchange Emails
2. Do not allow employees to read their personal emails using the above services on your business systems
3. DELETE ANY email you are not sure of
4. Delete Any Email you are not sure of
5. Did I mention to delete ANY email you are not sure of?
6. NEVER open attachments from emails you are unsure of – DELETE Immediately
7. Avoid social media on work computers
8. Remove all external backup drives from systems
9. Remove all weather software and any other non-business software from user stations
10. MAKE SURE YOU HAVE REMOTE BACKUP SERVICES – We have saved many businesses from total disaster with our service – it may take 2 days to retrieve all your data – BUT you HAVE all your data!
11. Update your firewall/Routers – remove all cisco/linksys routers/firewalls and allow us to install more secure systems
12. Change to our managed antivirus
13. Migrate all your emails to our secure Microsoft Email servers

In effect this comes down to training and enforcement of specific policies for you and your employees.

Nothing is 100%, no one is immune – but by judiciously applying resources in upgrades and training, you can harden your systems and continue doing business!

I have included an attachment for my Ransomware hostage rescue manual – give it a quick read.

Contact us anytime to discuss and we can provide you with suggestions to securing your business.

Users of Windows need to be notified ASAP of a new ransomware strain and take immediate measures to patch.

Specifically, on May 12, 2017 a new strain of the Ransom.CryptXXX (WannaCry) strain of ransomware began spreading widely impacting a large number of organizations, particularly in Europe.

Wcry is demanding a ransom of $300 to $600 in Bitcoin to be paid by May 15, or, in the event that deadline is missed, a higher fee by May 19. The messages left on the screen say files will remain encrypted. It’s not yet clear if there are flaws in the encryption scheme that might allow the victims to restore the files without paying the ransom.

If you have yet to install the Microsoft fix—MS17-010— you should do so immediately. You should also be extremely suspicious of all e-mails you receive, particularly those that ask the recipient to open attached documents or click on Web links.

If you have seen nonstandard activity and believe your customers’ information may have been exposed, please contact support.