Preventing Ransomware


To summarize:

The smaller your attack surface, the less likely you are to be hit by malware and virus infections.

Contact 5 Star Technology to implement a multi-layer defense approach for your business environment.


A couple of things stand out in the several ransomware infections in Curacao.

 

  • Companies are still relying solely on a locally installed antivirus solution.

You cannot rely on only ONE solution to protect the network environment. For example, if the payload arrives by email as a PDF attachment, and that PDF contains a link to a malicious website, the antivirus protection will not be able to protect you.

 

  • Email

While it’s cheaper to use the email service of your registrar (e.g. GoDaddy), registrars do not provide the additional mail security that you require. Our own mail solution, Office 365 and Google Apps for Work will scan for spam, viruses and malware, and will stop most malicious emails dead in their tracks so that they never reach your organization.

 

Companies are not yet fully aware of the extent of damage that can be done when the company files are encrypted.

Yes, users’ files are being encrypted by the malware. The malware encrypts mostly Microsoft Office documents. But did you know that Microsoft Access databases also get encrypted by the malware, which renders the database useless? An example for Curacao would be our payroll administration programs that use a Microsoft Access database. While it’s a nice job for IT staff to try to recover or, in some cases, even to rebuild a system, it’s much better to actually protect your organization against 3rd party attacks.

 

 

  • Backup

If you simply assume that the backup that was set up years ago is still working, without ever checking whether it has run recently, you might as well close your business. Backup has evolved over the last years with lots of new technologies, for example backup with true delta technology. You have to periodically make sure that you can at least recover your data from backup.

5 Star Technology will provide you with weekly and monthly reports of your PCs and server (including the backup) so you can be confident that we can recover your data.

Also consider using the 3-2-1 backup methodology.
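One way to check both points above, that the backup ran recently and that data can actually be recovered from it, shown as an added example rather than anything from the article or 5 Star Technology's tooling. The `manifest.json` layout, the `data` folder, the function names and the 26-hour threshold are assumptions made for illustration; `make_backup` stands in for whatever backup job is really in use.

```python
import hashlib
import json
import shutil
import tempfile
import time
from pathlib import Path

MAX_AGE_HOURS = 26  # assumed policy: a nightly job plus two hours of slack


def sha256(path):
    """Hash in chunks so a large database file is never loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def make_backup(source, backup):
    """Copy source into backup/data and record a hash manifest beside it."""
    source, backup = Path(source), Path(backup)
    shutil.copytree(source, backup / "data")
    files = {p.relative_to(source).as_posix(): sha256(p)
             for p in sorted(source.rglob("*")) if p.is_file()}
    manifest = {"created": time.time(), "files": files}
    (backup / "manifest.json").write_text(json.dumps(manifest))


def restore_test(backup, now=None, max_age_hours=MAX_AGE_HOURS):
    """Restore into a scratch directory and return the problems found."""
    backup = Path(backup)
    manifest = json.loads((backup / "manifest.json").read_text())
    now = time.time() if now is None else now
    problems = []
    age = (now - manifest["created"]) / 3600
    if age > max_age_hours:
        problems.append(f"stale: last backup ran {age:.0f}h ago")
    with tempfile.TemporaryDirectory() as scratch:
        restored = Path(scratch) / "restore"
        shutil.copytree(backup / "data", restored)
        # Compare what was restored with what the job recorded at backup time.
        for name, expected in manifest["files"].items():
            target = restored / name
            if not target.is_file():
                problems.append(f"missing: {name}")
            elif sha256(target) != expected:
                problems.append(f"corrupt: {name}")
    return problems
```

An empty list from `restore_test` means the backup is recent and every file restored intact; anything else belongs in the weekly report before it is needed in an emergency.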

 

 

  • There is no patch management.

Microsoft does provide monthly Windows updates to patch security issues in its products, but did you know that you need to patch third-party software as well? Java, Flash Player, iTunes, RealPlayer and Adobe Reader, just to name a few of the hundreds of programs that are out there. Attackers are increasingly leveraging 3rd party programs to deliver their malicious payload to you.

By building patch management into your multi-layer defense strategy, you will reduce your attack surface by 85%-95%.

 

 

  • Routers/Firewalls/UTM

Some companies use a wireless router designed for a home network to protect their business environment. Such a router is obviously unable to protect a business against modern threats, yet businesses do not understand the value that a (properly) configured Next Generation Firewall or a Unified Threat Management (UTM) solution can provide to their network. With a UTM you can scan all traffic for malicious programs, have web protection and an intrusion protection system, use VPN tunneling to access your network remotely, and allow only known traffic to the internet and to the inside of your network.

 

  • Disaster Recovery

Just as backup technology has evolved over the years, so has the technology for disaster recovery. Even if you have a backup of your data available, it may still take days, and in some cases weeks, to (re)build a new system, during which time your server/data is not available to you or to your customers.

 

  • DNS-based protection

Since DNS servers are the middlemen between your browser and website content, there are many third-party DNS services that offer additional functionality for both users and network administrators. These tools can include:

  • Content filtering – This can be conveniently implemented to block adult sites and other unwanted content, while requiring no software on the computers and devices.
  • Malware and phishing blocking – This can be performed by the content filtering tool also, to block sites containing viruses, scams and other dangerous content.
  • Protection against botnets – This blocks communication with known botnet servers so your computer isn’t taken over.
  • Advertisement blocking – This is another type of content filtering, which some DNS services specifically concentrate on.

If the malware somehow manages to install itself on your network, but you have added an additional defense layer so that it cannot contact its server to download the payload, you will have effectively blocked it from further infecting your systems.
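The blocking layer described above, sketched as an added example that is not part of the original article: a filtering resolver refuses listed names and their subdomains, and its log of refused lookups points to the machine that is probably infected. The blocklist entries, the log format and all function names are constructed for illustration.

```python
from collections import Counter

# Constructed blocklist; a DNS filtering service maintains its own threat feeds.
BLOCKLIST = {"c2.example", "dropper.example"}

# Constructed resolver log: timestamp, client IP, query type, query name.
SAMPLE_LOG = """\
2016-05-02T09:14:01 10.0.0.23 A www.office.example
2016-05-02T09:14:07 10.0.0.41 A update.c2.example
2016-05-02T09:14:37 10.0.0.41 A update.c2.example
2016-05-02T09:15:07 10.0.0.41 A cdn.dropper.example.
2016-05-02T09:15:30 10.0.0.23 A notc2.example
"""


def is_blocked(qname, blocklist=BLOCKLIST):
    """True when the name or any parent domain is listed, so subdomains match."""
    labels = qname.rstrip(".").lower().split(".")
    # Compare whole labels only: "notc2.example" must not match "c2.example".
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))


def answer(qname, upstream, blocklist=BLOCKLIST):
    """Filtering resolver decision: refuse listed names, forward the rest."""
    if is_blocked(qname, blocklist):
        return None  # the client gets no address for the malware's server
    return upstream(qname)


def blocked_clients(log_text, blocklist=BLOCKLIST):
    """Count refused lookups per client; repeat offenders are likely infected."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) == 4 and is_blocked(fields[3], blocklist):
            hits[fields[1]] += 1
    return dict(hits)
```

On the sample log only 10.0.0.41 shows refused lookups, which makes it the first machine to isolate and inspect.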


Protecting your company is not a trivial thing. As the article demonstrates, there are many ways your network can get compromised. Only by using a defense-in-depth approach that covers all aspects can you minimize the risk that your network is breached. And as mentioned, if your network is compromised, only a backup and/or disaster recovery system can help you get back up and running.


Article Written by 5 Star Technology and Zion Tech.