Is Your Company Protected from Ransomware and Zero Day Exploits?

There has been an increase in the volume of malware attacks in Ireland recently. In the article below, Gary Melvin, Technical Director at Brandon Global IT, discusses how you can protect yourself against this security risk.

Recent Malware Attacks: How to Protect Your Data

Over recent weeks and months there has been a noticeable increase in the targeted distribution of ransomware, which is a particular type of malware that forces users to make an online payment to regain access to their systems or to retrieve stolen data.
 
A ransomware attack can take many forms - the most popular methods being email, web and fake application updates from infected internet sites. As the level of these incidents increases there is a need to ensure that end users are aware of the threat and exercise caution when dealing with suspicious emails or websites.

Email

Users may get a forged email that comes from a trusted source such as an internal or external person or company. The email contains an attachment which is usually a PDF document or a link to an infected website. Once that is opened it will infect the computer and all data that the user has access to. This includes server-mapped drives.

Ineffective Anti-Virus

These exploits will be uploaded to the compromised websites to coincide with the delivery of the email so it will pass through all email and virus scanning technology.
 
They usually only have a lifetime of a few hours so traditional methods of virus detection and prevention will not work. As the purpose of ransomware is to earn profits for the attackers, these scams are becoming more popular and are targeting companies using information available on LinkedIn and social media. 

You can do a number of things to prevent this from happening to you:

  • User Awareness – Please make users aware of this issue, and be careful not to open attachments that they don't trust or are not expecting. 
  • Deploy a security-aware firewall that is capable of inspecting traffic for malware.
  • Prevent access to USB storage devices.
  • Enable a multi-layered protection approach that includes Anti-Virus, Anti Malware, email filtering and web filtering. Although this will not prevent an infection it will significantly reduce the risk.
  • Limit user access only to the files and folders that they require for their job.
  • Ensure adequate coverage on backups.
  • Educate end users on current security exploits and how to avoid putting business or personal data at risk.

Once infected, the only solution is to restore the files and folders from a backup version. However prevention is better than the cure, so please exercise caution when you receive suspicious emails.

Feel free to forward this message to your colleagues and friends to help stamp out these attacks. 
 
If you have any questions or concerns and would like to discuss in more detail, please don't hesitate to contact me.

Kind Regards
Gary Melvin

087 202 6440
gary.melvin@brandon.global