Issue No. 85August 2019

Ransomware Avoidance Tips

The ransomware business model has turned out to be a lucrative industry for criminals. Over the years its ill repute has made law enforcement team up with international agencies to identify and bring down scam operators.  Most of the ransomware attacks that have taken place in the past have been linked to poor protection practices by employees.

There are a few dos and don’ts when it comes to ransomware.

  1. Do not pay the ransom. It only encourages and funds these attackers. Even if the ransom is paid, there is no guarantee that you will be able to regain access to your files.
  2. Restore any impacted files from a known good backup. Restoration of your files from a backup is the fastest way to regain access to your data.
  3. Do not provide personal information when answering an email, unsolicited phone call, text message or instant message. Phishers will try to trick employees into installing malware, or gain intelligence for attacks by claiming to be from IT. Be sure to contact your IT department if you or your coworkers receive suspicious calls.
  4. Use reputable antivirus software and a firewall. Maintaining a strong firewall and keeping your security software up to date are critical. It’s important to use antivirus software from a reputable company because of all the fake software out there.
  5. Do employ content scanning and filtering on your mail servers. Inbound e-mails should be scanned for known threats and should block any attachment types that could pose a threat.
  6. Do make sure that all systems and software are up-to-date with relevant patches. Exploit kits hosted on compromised websites are commonly used to spread malware. Regular patching of vulnerable software is necessary to help prevent infection.
  7. If traveling, alert your IT department beforehand, especially if you’re going to be using public wireless Internet. Make sure you use a trustworthy Virtual Private Network (VPN) when accessing public Wi-Fi.

Ongoing employee education is also key, what we preach to our clients, simple things like a quarterly email communicating “reminder, if you don’t know who a link is from do not click on it, and come see management” can add up.

Source: Norton

To learn more about IT technology risks and solutions for your business, please feel free

to reach out to our IT engineering team at:

Phone: 858-952-5400 x0

Email: support@kazmarek.com