Virus, Phishing, and now Ransomware
Several years ago, an employee approached his co-worker sheepishly with a question. He had received an e-mail from the company owner that was entitled “I love you” and he wanted to know if he should open the e-mail because although he knew that there were strange viruses around, he wondered if there were a chance that his owner truly did love him. The co-worker gave him a thumbs down on opening the e-mail because he said that it was as the employee had originally thought, a virus and not a love note. The employee said all right and then thought better of it and opened the e-mail. The company had to be shut down for two days in order to fix all of the computers that were infected.
Viruses, phishing and ransomware have all become part of the corporate landscape and even though your company can put together a perfect program to defend against them, they still will sometimes breach your defenses, making it very necessary to have a plan in place to deal with this type of problem before it occurs.
Here are some of the effects that malware can cause and ways you can ensure that you are ready for it:
Viruses come in many forms and today are most frequently acquired by visiting bad websites or loading infected software. One of the most public examples of malware that gets loaded in companies is the program filezilla, an ftp client that is free and used to be the top ftp program. These days, if you need to send a file to your website and have to use ftp, there is rarely a default program loaded on your computer. So employees will often go out and download a program like filezilla and install it without reading the forums that discuss how many potential problems it has caused when being loaded in the past. The files that are loaded for a virus can wreak havoc with your network. The solution is to:
- Pre-load all necessary software programs for employees.
- Get a good server backup vendor and update your backups frequently.
- Keep machine images and consider having workers use virtual machines to do their work so you can restore their environments faster.
Phishing is famous for being a written form of social engineering that entices workers to visit websites that are real companies with false credentials to perform an action. The sites that you arrive at can be full of malware or can ask for private information that can compromise your network security. Here are some ways to deal with phishing:
- Train your employees not to accept any offer through e-mail.
- Integrate known phishing IP addresses into your mailserver blacklist.
- Keep your mail server backed up offsite at a trusted vendor.
Ransomware became well-known during the Sony Studios attack. The bad guys hacked the system and used ransomware to blackmail and order employees around for days. “Do this or else” became a common part of Sony employee’s lives while their IT people scrambled to make changes. Sony spends 100’s of millions of dollars a year in security but still got hit. If they had a complete server backup through a trusted vendor and a matching set of clean images coupled with a security infrastructure that allowed them to change passwords and software and migrate permissions, they would have been able to resolve their problem faster.
If you are considering making changes or additions to your security infrastructure, one of the best choices is to ensure that your server data is backed up securely in the cloud so that it is always available when needed. One way to make certain that your company can respond to this type of challenge is to contact CTG Tech today. Your initial consultation will be free and you will likely end up saving yourself time and money in the future.