CYBER SECURITY | 8 MIN READ
You're browsing the Internet on your computer when the screen starts glitching and freezing up. An eerie warning message pops up on your screen, warning you that all your important documents, from your financial statements and tax documents to your social security information, are now encrypted! This means that they're either inaccessible or un-readable if you try to open them. The message goes on to state that in order to unlock your files, you must pay a ransom of 4 Bitcoins. You freak out, wondering what Bitcoin even is and what would happen if you don't pay the ransom.
If you had followed our 8 tips to prevent ransomware attacks, then you might not be in this situation. Read more to discover ways that you can better leverage your cyber security to keep ransomware attacks at bay.
Not enough time? Jump to:
The first step in patching security gaps in your network is knowing where and what they are. Thankfully, network security scanning tools can help you uncover open ports on your network, while dark web scans can see what information is already on the dark web.
If you are a business, some ports may need to stay open so computers within a network can communicate with each other. However, certain ports, like the ones on your printers and copiers, can create security gaps that hackers can take advantage of.
Dark web scans can help you find out what accounts and associated passwords are on the dark web. If a hacker has access to this information, they can use it to distribute phishing emails or log into accounts containing sensitive information that can then be held for ransom.
If you don't have multiple layers of security in place, you should consider adding more. Adding more layers makes it that much harder for a hacker to access your network. Just having a basic anti-virus software and firewall installed could be enough to keep away some lazy hackers looking for easy networks to break into.
While computers are designed to not make mistakes, hackers know that humans are prone to errors. That is why they exploit human error to gain access to a network and deploy ransomware. A popular way that hackers gain access to a network is through phishing attacks.
Phishing attacks involve a hacker sending an email containing a malware-loaded link to a potential victim. The email can either contain an enticing offer, such as "Click this link for a free cruise!' or can be faked to resemble a legitimate company. For instance, a hacker posing as Google could email a victim telling them to click a link to update their email storage.
Always be wary of emails from people you don't know telling you to click a link. If you want to see if an email is a phishing email, you can look at the address that the email is from. For instance, a phishing email posing as Facebook that has the email address "firstname.lastname@example.org" is probably a fake address.
Make sure that the address is spelled correctly too with no character substitutions. While an address from "@facebook.com" might be legitimate, an email from "@facebo0k.com" is probably a phishing attempt.
Another way to test a phishing email is to try and find the page the email is referencing without clicking the link. For instance, if the email is from Microsoft and is telling you to update your storage, try doing that through the official Microsoft website instead of through the link. If you can't find such a page, then the email is most likely a phishing attempt.
In general, most legitimate emails don't ask you to click a link to validate or update information, so your internal warning signals should flash as soon as you see this. If you feel suspicious about an email, try calling the company who it's from to ask about the email, along with other verification methods.
Weak passwords are one of the easiest ways that a hacker can break into your network and install ransomware. Consider strengthening your passwords and protecting where they're stored to better leverage your cyber security infrastructure.
A main focus of any password policy should be to limit how much you write down your passwords, whether they're on a sticky note, an Excel spreadsheet, or in the Notes app on your phone. Writing a password down anywhere leaves it susceptible to being found by hackers.
If you write account passwords down on your phone, all it takes is your phone being stolen or your iCloud account being hacked for somebody to have the logins to accounts that contain sensitive information such as your credit card number.
If you have too many passwords to remember, consider a secure password-storing program such as LastPass.
To maintain strong passwords, consider changing passwords every six months and creating passwords that don't use easy-to-find information such as birthdays or your children's names. When creating a password, make sure it's long and complex.
Additionally, install two-factor authentication on your devices if possible, seeing as it's a widely used secure method of protecting accounts.
Printers and copiers are an overlooked security risk. Whether you are a business who owns corporate machines or an individual with a home copier, there are risks associated with both types.
For instance, personal copiers can have a "print from anywhere" feature that lets you print documents to the copier even when you're away from the office. However, this "print from anywhere" feature has little security because it has to create a hole in your firewall to allow you to communicate with the machine from anywhere in the world. Turn this feature off if you have it.
If possible, consider upgrading to a newer copier or printer. Newer copiers can have features like Transport Layer Security (TLS) that encrypt scanned files sent to your email encryption as well as newer versions of Server Message Block (SMB), which securely scan documents to a folder instead of your email.
Some newer models created within the last 5-6 years have data security kits that you can enable. These kits can have data encryption functions, which scramble the data stored on your copiers and printers, rendering the information useless to a hacker.
Additionally, on some newer models of brands like Canon and Sharp, data security kits might also have features that, when a document is scanned, copied, or printed, erase those documents from the hard drive sometimes as many as 28 times.
While installing anti-virus software and scanning your network for flaws are both great methods for securing your network, many people forget or push off updating their anti-virus software or upgrading their firewall.
While we know this process can be a nuisance, every day that you wait to update the different components of your cyber security infrastructure after new versions emerge leaves you more vulnerable to ransomware attacks.
If you are able to, enable auto-updates on all security software and schedule any updates for late at night when you're not using your computer.
If you're a business, consider this: company-wide free information access means that hackers have more chances of finding an employee with access to important accounts. Implementing role-based security in your company limits the number of people who have access to sensitive files that hackers can hold for ransom.
To minimize the risk of important information being leaked or stolen, assign different levels of security clearance to employees based on what information they need to do their job.
For instance, a blue level employee who is a sales representative might only have access to sales databases, while a red level employee who is an HR representative might only have access to HR databases. You can also restrict administrator rights so that only essential personnel like an IT manager have them.
Role-based security also prevents employees with bad intentions from accessing information that they didn't even need to see in the first place.
If you are a business, you might not have the time to institute all these changes, especially if you only have an in-house IT manager or another employee managing your cyber security.
Managed IT services can help put all of the above suggestions and more into action. Managed IT services layers your cyber security infrastructure and then employs a team of IT experts to address any threats or issues that pop up.
A managed services provider can use dark web scans and network scanning tools to address existing security gaps. Then, they can install layers of cyber security hardware and software, such as firewalls, anti-virus software, and anti-ransomware software.
To take the burden of updating software off of you, a managed services provider can update all cyber security software for you and install necessary security patches.
They can conduct phishing tests to find employees who fall for phishing traps, and then educate those employees on how to recognize and avoid phishing attacks. To take phishing prevention a step further, a managed services provider can enable email filtering services to stop phishing emails in their tracks.
Managed IT services can help you create a password policy and role-based security that works for your business too. In the event that a ransomware attack happens or your network goes down, they can reduce downtime by quickly recovering data due to their use of frequent and secure backups.
Don't wait until you're the victim of a ransomware attack to improve your cyber security.
Posted by Erica Kastner
Erica Kastner is a lead Content Specialist at Standard Office Systems as well as a University of Georgia graduate. She aims to use her passion for problem-solving to help businesses understand how to better leverage their network infrastructure.