New Global Ransomware Threat
There’s a new form of ransomware that emerged globally this month – and it’s leaving a nasty payload on computers both corporate and personal.
What is ransomware?
Ransomware is a software designed to block a users’ access to their computer until a sum of money is paid. It is a subset of malware, that typically encrypts the files on the computer. Ransomware can be a lot more complicated to deal with than malware. Once ransomware takes control of a users’ files, it can be very difficult to remove and thus, protections policies are always advised.
What is the new threat?
KeyPass ransomware – a variant of the STOP ransomware – turns a legitimate part of computer security against the user and leaves them open to further attacks.
According to researchers from the Kaspersky Lab, there is not much that can be done once a user has been infected. As they say, the best form of Offense is Defense.
Kaspersky Lab mentioned the ransomware uses “fake installers that download the ransomware module”. Once it has taken over, the ransomware leaves a ransom note telling the victim to pay $300 to get their files back, and threatening that if it’s not paid within 3 days, it will cost even more to unlock their computer.
However, the Kaspersky Lab recommends not paying the ransom as it is likely that the files will not be decrypted, and you’ll be left without your files AND out of pocket.
The researchers suggest taking precautionary measures is the only way not to fall victim to the new ransomware, and we here at Domain Digital wholeheartedly agree. Prevention is always better than cure.
What can you do to protect yourself from Ransomware?
Our CEO, Charlie Stephens recommends a number of steps to protect yourself from cyber-crime, including regular computer back-ups so, in the event your computer is infected, you’ll be able to restore it back to the latest version with minimal loss, without having to pay hard earned dollars to the cybercriminals.
It is extremely important to password protect access to any backup files and copy them to an external backup drive. This ensures that should you be affected, a recent backup is unattached from your network and therefore unaffected by the attack.
There are a number of other practices and procedures that businesses can do to protect themselves from ransomware attacks. This includes incorporating security software such as commercial grade firewalls and malware protection across individual devices, and across the server; with real-time monitoring to isolate an attack if there’s a breach and prevent it from spreading to other devices on the network.
As part of Domain Digital’s 2-hour “Cyber Security and Network Risk Assessment”, our senior technicians look to identify any loopholes and back-end entry points in your network that could make your business susceptible to a ransomware attack, or any other cyber threats, and provide recommendations on how to fix those issues.
We like to ask “Do you know if your network looks like a sieve?”.
There are also several policies business owners should implement to reduce the risk:
1) Set-up Automatic System Back-ups, including an offsite back up.
2) Do not open attachments if you do not know who sent them
3) Scan attachments with a real-time anti-virus / malware tool
4) Apply Windows updates and patches as soon as they are available
5) Use hard passwords and never use the same password on multiple sites. (A hard password is longer than 12 characters, containing at least one capital letter, number, and special character)
6) Implement Two-factor authentication login (2FA), which requires you to use an authenticator or one-time code in addition to your regular login.
Remember, always use a paid anti-virus & malware program, as many free programs people and businesses alike tend to use, don’t provide real-time protection, meaning the software will only partially protect your device after being infected rather than preventing the initial attack.
Domain Digital can assess the risk of your current Security measures & Network with an obligation free, 2 hour “Cyber Security and Network Risk Assessment”, please contact us and we’ll arrange an appointment with you.