We all know that Ransomware is a hot topic following the recent attack which caused a massive upset to the NHS. Ransomware and Malware, similar to the common cold comes in many strains or as it’s known families, since the first outbreak in 2012 there have been 249 families discovered.
Data Source F-Secure State of Cyber Security 2017
Cyber criminals which released and caused the spread of the WannaCry ransomware variant across 150 countries have been reported to have been requiring £230 per computer to unlock and decrypt files so data could be used again. They don’t just ask for this ransom to be sent to their bank account, they ask for this fee in digital currency or crypto currency such as BitCoin or Etherium which are legitimate currencies. BitCoin has a hidden talent and can be used anonymously meaning money can be transferred all over the world without the usual banking paper trail.
Since the WannaCry outbreak there has been a new more competent strain released but this time it came from the Petya family, which should have you worried. The Petya crypto-ransomware has extra built-in capabilities that allow it not only infect a machine but then it will look on your computer network to find other computers that it can infect before rebooting your system. When it restarts the computer it will not only encrypt your data files but encrypt part of your Windows system meaning it’s unusable, then it will display a message asking for a ransom.
These devastating pieces of software are usually spread via email containing a link which the user will need to click thus infecting the computer.
These ransomware families can be protected against by using by using reputable security software, you should keep your systems and software patched with the latest security updates, and depending on system type make this automatic. Educate your staff on the dangers of clicking on links in emails and have a good firewall in place that can filter traffic passing through it to detect threats. Maintain a backup of your data, this should be automatic and not need any human interaction, you should also periodically test that backups work.
Here are some recommendations which will help you protect yourself and also help meet the requirements with the GDPR (General Data Protection Regulation) which comes into force in May 2018.
Protection Service for Business is one of the world’s leading multi-endpoint security solutions, designed to solve complex security needs as easily as possible. It is the only unified security solution that delivers centrally managed computer, mobile and server security, with integrated patch and mobile device management.
F-Secure Radar is a turnkey, enterprise-grade vulnerability scanning and management solution that gives you time to not only look for vulnerabilities, but also to start fixing them. F-Secure Radar is a recognised PCI ASV certified European solution and adheres to risk and conduct compliance with current and future regulations (such as PCI_DSS and GDPR compliance).
WatchGuard offers the most comprehensive portfolio of security services on the market, from traditional intrusion prevention, gateway anti-virus, application control, spam prevention, and URL filtering, to more advanced services for protecting against evolving malware, ransomware, and data breaches. Each security service is delivered as an integrated component within an easy-to-manage and cost-effective Firebox appliance.