Skip to main content

WannaCry: What is ransomware and how to avoid it.

Ransomeware is in the news like never before. Everyone’s talking about how important it is to keep up to date with security updates to avoid a recurrence. While that is undoubtedly important, is that all organisations can do to protect themselves? Here is a viewpoint on what businesses can do, even if ransomware does breach their security defenses.

Most people reading this have, by now, heard of Wanna-cry, the ransomware attack that is all over the news. As a cyber attack, its scale is massive, with some calling it the biggest of its kind. As I write this, it has infected over 2,00,000 devices in 150 countries, with possibly several more to come as the new week starts.



















What does the attack do? 


 The attack used a category of virus known as ransomware. Once infected, a target’s computer has its files encrypted. The user then gets a ransom demand usually asking for payment in a “ Crypto Currency ” such as bitcoin — which must be paid in order for access to be restored. 

When a system is infected, a pop-up window appears with instructions on how to pay a ransom amount of $300. The pop-up also features two countdown clocks; one showing a three-day deadline before the ransom amount doubles to $600; another showing a deadline of when the target will lose its data forever.



How it spreads:


Ransomware is a programme that gets into your computer, either by clicking or downloading malicious files. It then holds your data as ransom.
Some security researchers say the infections in the case of WannaCry seem to be deployed via a worm, spreading by itself within a network rather than relying on humans to spread it by clicking on an infected attachment.

What can you do to prevent infection:


Here are the steps you should take to protect yourself against ransomware:
- Install and use an up-to-date antivirus solution .
- Make sure your software is up-to-date.
- Avoid clicking on links or opening attachments or emails from people you don't know or companies you don't do business with.
- Ensure you have smart screen  turned on, which helps identify reported phishing and malware websites and helps you make informed decisions about downloads.
- Have a pop-up blocker running on your web browser.
- Regularly backup your important files.

How to use backups to defend against ransomware:

  1. Invest in reliable backup software that can back up all your endpoints. Look for something that can handle both Windows and Cloud computers.
  2. To make the solution more bulletproof, consider putting your backups on the cloud (Recommending Google Cloud ). This builds in more separation between the potential ransomware attack and your data copy. Make sure the solution can utilize cloud storage as a backup target.
  3. Look for software that is cloud-agnostic and doesn’t tie you down to its own cloud. You should be able to shop around for the best cloud storage prices and have the software work with the cloud of your choice.
  4. Make sure the backup payload being sent to the cloud is encrypted—using encryption keys you control.  After all, this is valuable data that you’re spending good money protecting.  Make sure it is safe from prying eyes.
  5. If you’re managing many endpoints, you’ll want to be sure to look for a solution that:
    1. Can be centrally managed via policies.
    2. Can scale over tens of thousands of endpoints.
    3. Allows users to do their own restores.
    4. You’ll also want to look for some type of integration with the user namespace you’ve implemented, like Active Directory.
  6. Since your outbound network bandwidth can be at a premium, look for software that can minimally do the following:
    1. Perform incremental backups, i.e. identify files that have been modified and move only those to the cloud. Even better, maybe move only portions of the files that have changed. This could be especially useful for very large files like PSTs that change very little every day.
    2. Resume a failed backup from the point of failure.
    3. Be resource-sensitive and use techniques like compression and de-duplication to save network bandwidth and storage space.
    4. Allow you to manage data retention by file versions so you can get back data from a previous day or even a previous week.


Contact our hotline for more information and Online Assistance +94710326326

Subscribe our youtube for weekly Vlog " Ask Finetech " on every Thursdays
https://www.youtube.com/channel/UCM1XR4yUmryIdI5um99YlKw

www.fcpl.biz










Comments

Popular posts from this blog

People are going wild for a handy new shortcut that will change the way you use Google Docs

- Google has introduced new URLs that can open up blank Google Docs with the click of a button. - To try it out, simply point your browser to  doc.new  or other Google URLs. - Here's an incomplete list of these new URLs, along with a way to take the shortcut to the next level. Last month, Google rolled out a new time-saving shortcut for anyone who spends a lot of time in Google Docs. To open a new, blank document — or spreadsheet, or presentation — all you have to do is go to one of Google's handy new URLs. So if you want to start a new document, you just have to type " doc.new " into your browser. Google Docs ✔ @googledocs Introducing a .new time-saving trick for users. Type any of these .new domains to instantly create Docs, Sheets, Slides, Sites or Forms ↓ 9:35 PM - Oct 25, 2018 4,550 2,812 people are talking about this Twitter Ads info and privacy Here&#

Set start times and import reminders in Tasks

Here comes one of the most awaited features. Tasks is one of the goals to follow what you have to do in G Suite. These new updates will help ensure the majority of your to-dos are in Tasks, and guarantee that you can monitor the due dates related with them. Moreover, importing reminders to Tasks can support your users if your association is at present changing from Inbox to Gmail. Set a date and time for your tasks and receive notifications - You’ll find a place to add date & time. Create repeating tasks - Also you can make an event recur. Import reminders into Tasks This import tool will pull your reminders (from Inbox/Gmail, Calendar, or the Assistant) into Tasks.When importing reminders into Tasks, we’ll copy over the title, date, time and recurrence of the reminder. Please note, reminders with locations associated will not be imported. Additionally, this is a one-time import and not a constant sync. - When you open Tasks on the web or your mobile app, you’ll se

Use Vault for Gmail Confidential Messages and Jamboard Files

Google vault will be supporting two new formats in the future, Gmail confidential mode emails & Jamboard files stored in Google Drive. Google Vault gives you a chance to retain, hold, search, and export data to support your organization’s retention and eDiscovery needs. This dispatch includes support for new information types with the goal that you can thoroughly oversee your association's information. What happens when individuals in your association sends confidential messages? Vault can hold, retain, search, and export all confidential mode messages sent by users in your association. Messages are constantly accessible to Vault, notwithstanding when the sender sets a termination date or denies access to private messages. Here’s an example of what admin@ink-42.com will see in Vault when they search for sam@ink-42.com and preview this email sent by lisa@ink-42.com . But It’ll not work vise versa. Admins can hold, retain, search and export message headers and s