Ransomware –Simple Steps to Prevent

Ransomware –Simple Steps to Prevent

Regardless if you are an individual or business you are a ransomware target. Ransomware is defined as the outcome of a malware infection that leads to the unwanted encryption of data. The only way to unencrypt the data is through paying the attackers

Regardless if you are an individual or business you are a ransomware target. Ransomware is defined as the outcome of a malware infection that leads to the unwanted encryption of data. The only way to unencrypt the data is through paying the attackers.   In recent instances, the attackers have also threatened to expose confidential information obtained as leverage to extract the ransomware payment.

 ransomware pic.jpg

Key ways to prevent an attack include the following:

  • Patch all software as soon as possible (including operating systems and applications)
  • Educate users not to click on links
  • Have Anti-Virus and Anti Malware in place and up to date
  • Back up all critical systems and data
  • Validate the backup can be used to recover data to the latest “good” state
  • Restrict administrative privileges as much as possible

If you are a victim there are steps you can perform to try to negate the damage. The key steps include:

  1. Remove the infected device from the network to prevent the infection from spreading to other data stores
  2. If a backup of the system exists, restore the system from the backup (be careful the malware is not included in this backup)
  3. Recreate the lost endpoint/files
  4. If a backup exists does not exist, it is a business decision to pay the ransom and obtain the un-encrypt key or reject the demand and rebuild the system. Paying the ransom does not guarantee you will receive the un-encrypt key

By Don Cornish

Don Cornish is the Chief Information Security Officer for Dewpoint. He has an extensive background in IT security architecture and consulting based on his experience for a leading national and global organization. Don has security and compliance consulting experience addressing multinational business entities as well as the small to medium business segments. In addition, he is a Certified Information Systems Security Professional (CISSP).

LANSING
Knapp's Centre, Suite 200
300 S. Washington Square
Lansing, Michigan 48933
Phone: (888) DEWPOINT
Local: (517) 316-2860

GRAND RAPIDS
333 Bridge Street NW
Suite 601
Grand Rapids, Michigan 49504

SOUTHEAST MICHGAN
805 Oakwood Drive, Suite 108
Rochester, Michigan 48307
Phone: (248) 413-6108

CONNECT WITH US