Plum Networks Ltd - Articles

Best practises to avoid and be prepared for a Ransomware attack

by Plum Networks Ltd

Posted on February 1, 2018 at 12:00 PM

Card image cap

Recently we have seen a huge upsurge in ransomware type attacks which can have devastating effects on business. Ransomware attacks are a type of virus which encrypts files on your pcs and servers, a notice then appears requesting you to pay a sum of monies to retrieve your data. Firstly dont get fooled, Paying your way out is unlikely to yield any positive result and more likely to make matters worse. It is unlikely that you can unencrypt the data

If you find yourself in this position you need to act quickly and disconnect yourself from the internet and disconnect all your computers from the network (desktops, laptops and servers) also disconnect your backup hard drives for the moment. At this point you need to go through your systems and see what files you can access or not. Your system is infected and you will probably need to reload many of the machines, if you have a good backup then this should not prove difficult just time consuming. Be aware some Ransomware has been seen to infect attached hard drives so you may need to look at your online backup solution or the swapped backup drives.

Prevention is the best way to deal with attacks on your network and safeguards your business. Below are a few simple but effective tips that will help reduce the risks.

If you feel that you want some professional help then please get in touch with the team at Plum Networks Ltd, these steps are just the beginners guide and there are other security steps that can be taken through the server active directory, permissions and firewalls.

  1. 1) Implement an email / spam filter Most ransom-ware comes through your email system, so this is the 1st step. Most anti-spam systems will happily stop most ransom-ware before it even hits your system. Its inexpensive and easy to implement.
  2. 2) Train staff to be aware Ransom-ware emails tend to come in masked like phishing emails. To your staff they should be pretty obvious, but it only takes a second of distraction to click on one by mistake. A short staff training exercise should help keep the awareness up.
  3. 3) Admin access is just for administrators Very simply, the ransom-ware will attack everywhere on the network the user has access to, so limit access. This sounds very obvious but small companies tend to not see the need to add group policies and folder permissions. This can help mitigate a disaster to an annoyance.
  4. 4) Have an external backup The most horrible part of current ransom-ware attacks is that it automatically goes for attached storage devices making internal backups redundant. You need an external backup preferably a managed online cloud backup.
  5. 5) Have an up-to date antivirus You may have thought this should be the number one on the list, but if a staff member has clicked on a ransom-ware, they have normally already bypassed your antivirus. The big BUT is that anti virus software are continually being updated to deal with the latest threats and you may be lucky with a recent update.

If you need professional advise or are dealing with the after effects of an attack, call us we have a team of experts ready to help.

© 2017 - All Rights Plum Networks LTD.