Solutions & Services • IT Security
Malware and Ransomware Protection
Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network.
A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, wiper and scareware.
Ransomware is a type of malware from crypto-virology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.
Email continues to be the most popular attack vector, via organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering), or beyond the organization’s perimeters (the domains they own and their brands via impersonation).
Prevention is always better than finding a cure. The first place we advise our clients to focus on is education of their employees. Best practice for malware and ransomware protection should include the following guidance:
- Scrutinising links contained in emails and do not open attachments included in unsolicited e-mails.
- Only download software – especially free software – from sites you know and trust. When possible, verify the integrity of the software through a digital signature prior to execution.
- Invest in training for staff so that they are aware of how ransomware works (including Phishing).
Ransomware exploits a company's weakest link...
Make Ransomware defence everyone's responsibility
You will want to do all you can to stop a malware or ransomware attack ever happening Here are some steps you should consider:
Ensure application patches for the operating system, software and firmware are up to date, including Adobe Flash, Java, web browsers, etc.
- Ensure anti-virus and anti-malware solutions are set to automatically update and regular scans are conducted.
- Disable macro scripts from files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full Office Suite applications.
- Implement software restrictions or other controls to prevent the execution of programs in common ransomware locations, such as temporary folders supporting popular Internet browsers, or compression/decompression programs, including those located in the AppData/LocalAppData folder.
- No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary; they should operate with standard user accounts at all other times.
If the worst happens and you do get infected, having the ability to get back to a clean copy of the data quickly and efficiently is key. It is wise to create a formal disaster recovery plan. Your back-up and recovery plan should incorporate how you will recover in the event of an attack. The corner stones of a recovery strategy will be RPO Recovery point objective and RTO Recovery time objective.
For more information on our Malware and Ransomware Protection service please contact us here.