You can take steps today to protect yourself from Ransomware.
For most of us, it feels pretty easy to detect email viruses. It seems like common sense to delete any email from a foreign prince or other cryptic messages. But what are you doing to avoid the viruses as they grow up, get sophisticated and want your money.
For the last couple years, we've seen online attaches come, often through email, that infect a computer system and block access to all files until the victim pays a ransom, often costing upwards of $500.
The viruses hide themselves in clever ways too- appearing to be an email attachment for a shipment notification, bank statement or other valid information. Unfortunately, the attachment is anything but safe.
We've noticed that antivirus and anti-malware programs have a particularly difficult time stopping this infection, since it mutates to exploit any vulnerability in your system. If you are interested in the more technical details of the virus, you can take a look at Computer World's in-depth article on the subject.
Ransom note via Jonathan Hassell from Computer World
Over the last few months, the attacks have been hitting closer to home. Local business owners are getting hit, and others are asking how they can protect themselves in the first place.
So what can you do?
There isn't a single solution to prevent every possible threat- the people behind these viruses have had great success and are constantly adapting against solutions, but the good news is that you are far from helpless. You can take steps to reduce the risk of a virus entering your computer system and the other systems in your company. Likely, you already practice many safety measures, but several extra steps can make a big difference. Like most security measures, it is much easier to prevent an attack than deal with the aftermath, which in the worst-case scenario could be the complete loss of your files.
1. Remove Administrative permission to all staff accounts on Mac and Windows systems. While this may seem extreme, it should have minimal side effects on daily operations since all required applications should already be installed and configured. This prevents staff from mistakenly allowing execution of programs that can be harmful.
2. If you use "thin clients" in your office, enable a security feature that would disallow the running of software/application installers, decompression of folders, or other similar programs that threats typically rely upon to extract the files they use to operate.
3. Please be hyper-vigilant about strange or unknown emails, particularly when opening email attachments. Word, Excel, PDF and other files are all possible carriers.
4. Ask yourself if you are expecting a file from a sender. Review the source email address using the Message Options command in Outlook to review the email headers that show the real sender.
5. Be extra cautious about links in email. Don't rely on the printed link name. Hover your mouse over the link and examine the real address from the link. If you look closely, it may say something along the lines of XXXXXXXXXXX_pdf.SCR and is actually a suspicious script file.
Example from a real Ransomware attack
6. Don't Reply or Forward the original email. You may actually be telling a spammer, "Hey, this is a real email address. Please send me more spam and viruses!"
7. If you suspect a virus, please highlight the email, press Shift + Delete, and answer "Yes" when asked if you want to permanently delete that email.
These steps can help you and your team from accidentally activating a Ransomware virus.