With all of the hype around ransomware, I still see things that just make me shake my head.
I walked into a multi million dollar financial institution running non supported Windows XP with no firewall the other day. They might as well have a notice on their website and front door to say “Please hack me – I am making it as easy as I possibly can”
So why not leave the keys to the front door under the mat as well?
Whilst I don’t expect you to be in quite such a dire position, it made me think that not everyone heeding the warnings to take some responsibility with your computer system/s security. This is for business and personal alike – Whilst for business there is money at stake, how badly would your husband, wife or partner kick your arse if you managed to loose a lifetime of digital photos due to sheer stupidity?
This is where I thought I would outline the Top 5 ways to help get yourself crypto locked (and the subsequent acts of physical and verbal violence that are sure to be forthcoming from partners)
Crypto Top 5
- Forget, ignore or otherwise fail to ensure your computer systems are patched. This means applying the latest security updates to your computers. Whilst the update process is irritating and can be time consuming, it exists for a reason other than to simply inconvenience you. Go ahead, don’t bother to ensure your systems are updated and you will be a prime Crypto target.
- Not using a high grade Anti Virus program to protect your asset. Whilst this alone doesn’t guarantee protection, it can and will save your bacon in the majority of situations. We had a client with a newly installed Anti Virus system who called up to yell at us for installing a crap system – simply because he was not able to download a new version of cracked software. When we looked at the logs, we could see he had attempted to download a crypto locker payload from 3 different computers before calling us….. You can guess how that conversation played out ?. Had he not installed a great AV, there would have been many tears shed….
- Simply choosing the entry level email filtering system – The number 1 entry point of viruses into a network is through email. So it kinda makes sense to put some effort into stemming the issue at this point – Unless of course you are wanting to get yourself crypto locked.
- Choosing not to install a high grade firewall on the perimeter of your network. Many businesses I have been to visit simply have a modem with a rudimentary firewall installed – these just don’t cut it. I have seen this at a $450 million business (and almost needed to be taken to hospital in shock). This is absolutely asking for trouble.
The number 1 entry point of viruses into a network is through email.
- Being naïve, ignorant or just a plain dumb arse. You can have the best security money can buy, but it cant help stupidity. The weakest link in any system is people. If you think in terms of physical security, it is the equivalent of leaving the alarm turned off, or the front door open or better still, an open post to Facebook saying you have a party going on. What could possibly go wrong? Everyone needs to be aware and awake at all times cause it only takes one false move and boom….. Your system is toast.
Your only come back after an infection is a back up – If you don’t have a decent backup and recovery system in place, then you are just Pants On Head Retarded.
So if you are looking to put yourself or your company out of action whilst your systems get rebuilt (if this is even possible with no backup), follow these 5 important tips. You can share in the joy and elation so many other around the world have experienced with the fun times of ransomware.
If on the other hand you think you might like some help, there are three things you can do.