Ransomware In the Workplace

ransomware

Ransomware is unfortunately a regular headline when reading or watching the news.  While news outlets regularly report of Ransomware's crippling effects on businesses or governments, rarely do we hear the reasons why the attack was successful and how it was resolved. When discussing ransomware attacks with our clients, we stress that it is better to have proper security in place, preventing a vast majority of these attacks from taking place. Ransomware should also be part of backup and disaster recovery plans to help contain and quickly mitigate the damage from these attacks without paying the ransom. Paying the ransom encourages these attacks to continue because it is profitable for criminals to sustain these attacks in search of the next victim. 

Criminals use multiple ways of compromising your infrastructure to perpetuate Ransomware. Much like how a burglar will look at a building and find a weak point to enter, ransomware criminals will do the same to enter into the organization’s IT infrastructure.  One key difference is Ransomware criminals have automated the process, and perform these attacks from other computers that have been compromised to help hide their tracks. Once the criminal’s automated systems have entered, it starts to take control of key parts, namely where files and backups are stored at. The Ransomware will then communicate back to the criminals network the instructions and the encryption key it should use and will start encrypting files, deleting backups, and will leave instructions on where to send payment. A price is given in bitcoin or other cryptocurrency (that goes up over time) of how much the random is. The criminals promise to give a key that can decrypt the files once payment has been received. Once the criminals are paid, they may not supply a decryption key, or the decryption key may not work. If the decryption key works there is still a process of restoring the files and systems needed for your organization to resume 

Proper IT security and user education is the best way to prevent Ransomware from taking hold in the workplace or to perpetuate an unknown Ransomware attack on another organization. Here’s a rough outline of where to start when looking at IT security and how Go2IT can help implement them for your organization:

  • Spam and Virus scanning of all incoming email. Email is the most common way for Ransomware to enter your organization’s IT infrastructure. Go2IT sells a service that scans emails before it reaches your organizations’s email infrastructure. This service is consistently updating the criteria for blocking mail that negatively affect your organization.
  • Use a firewall designed for securing your organization’s network. Go2IT recommends the Sonicwall product line with Advanced and Comprehensive Gateway Security Services. When implemented properly, it will assist in scanning network traffic for viruses, restricting access to websites for content and security concerns, restricting specific countries' ability to contact the firewall.
  • Use a centrally managed antivirus. This allows for regular updates to be delivered, and reports generated ensuring that the updates are applied. This also provides for alerts to be sent out if a virus is found and helps pinpoint where to focus attention. Go2IT has a service that is centrally managed without needing a server setup within your organization, and allows for easy monthly billing based on the number of devices protected.
  • Restrict services presented to the outside world. Go2IT follows industry best practices and will work with your vendors and customers in only showing your organization’s key services to the public, restricting select services to only approved businesses, or enabling them to be used from a secure communication channel. Of special note of services to restrict is Microsoft Remote Desktop. Even though it is password protected, Go2IT has found that ransomware criminals target this service and will always recommend blocking this service from the internet unless it is secured through other means like a VPN.
  • Setup VPNs to establish secure communication channels. VPNs (Virtual Private Networks) are a way to allow entire trusted sites or individual computers to allow access to services not allowed from the internet without these secure channels in place. It can be set up for organizations with multiple locations to automatically allow full communication securely transmitted over the internet, or having logins from company-owned devices, or allow select businesses access to a specific service not normally allowed from the internet. 
  • Follow best practices for user accounts, passwords, and file security. Highlights include automated password changes, not allowing the same password to be reused, and restricting access to folder based on group security. Many organizations use Microsoft Windows to process user account logins, Windows Servers has features that can be set up like Group Policies, File and Folder Security to address some of these concerns. Go2IT can assist with the setup of these features with your organization. 
  • Educate your organization’s users on common scams used to compromise their work account. Links in emails that ask for a login, having them call a phone number for computer support that isn’t part of your company IT or MSP. Law enforcement impersonation attempts with instructions to hand over account information or money. 
  • Apply security updates to your organization’s IT Infrastructure. New ways of compromising the network are found regularly, vendors release patches to address specific vulnerabilities when found. Go2IT can assist with automatic patching for Windows computers and servers, and working with your organization's network appliance vendors for patching. 

Ransomware prevention isn’t always enough though. New vulnerabilities can be exploited before a vendor releases a patch, human error, or a compromised account can let Ransomware into your organizations IT infrastructure. Planning on multiple backups, securing backups, and disaster recovery planning can help your organization recovery from Ransomware quickly, and without paying the ransom. Go2IT can tailor a solution to match your organization's needs. Here are the common areas to plan for Ransomware recovery before the attack happens.

  • Have a local backup that needs a unique login to access and has other methods of securing previous backups. For medium to larger organizations, Go2IT sells a storage device that needs a unique login to access and has daily snapshots of your organization's data that is hidden unless needed. Since the data is hidden, it cannot be encrypted or deleted by the Ransomware attack. This would allow for the fastest method of restoring from a backup after a Ransomware attack.
  • Have an offsite backup that requires a special login to access. Go2IT has an offsite backup service that securely transmits and stores your organization's data, and previous backups cannot be deleted or encrypted due to how the service is designed. This is a second line of backups used in case the local backup isn’t available. 
  • Establish a Disaster Recovery and Contingency plan. Beyond Ransomware attacks, this should incorporate large telecommunication outages, electrical outages, natural disasters, and failures of individual parts of the IT infrastructure. Priority of service restoration, and contingencies through the 4, 8, and 24 hour blocks of time as services are restored. Go2IT can assist your organization with the planning and implementation of the plan and has services available if it is needed from industry-leading partners. 

Go2IT is here to help your organization, please contact us at sales@go2itgroup.com or call us at 866-424-1233 for this or other IT needs.
 

Most Recent

Lorain County Chamber of Commerce Business Expo

Posted By The Go2IT Group
October 11, 2021 Category: General

The Go2IT Group is proud to be a Gold sponsor of The Lorain County Chamber of Commerce's 8th Annual Business Expo on November 4, 2021, at Tom’s Country Place from 3:30 pm – 6:30 pm. This EXPO provides a fantastic opportunity for local businesses and attendees to learn about one another and network.   We look forward to seeing everyone this

Cloud Computing

Posted By Go2IT Group
March 25, 2021 Category: General

WHAT EXACTLY IS CLOUD COMPUTING AND HOW DO YOU USE IT?   Cloud computing is the delivery of different services through the Internet. These resources include tools and applications like data storage, servers, databases, networking, and software.  As long as an electronic device has access to the web, it has access to the data and the software programs to run it. Cloud computing depends on resource sharing, rather than using local servers or individual devices to host applications. It mostly only allows the application software to function when internet enabled devices are used.   There are four types of Cloud Computing you should learn about because they serve a broad range of functions over the internet- like virtual and storage servers: applications and authorization for desktop applications.   THE PUBLIC CLOUD Public cloud is best for businesses which have requirements that require managing the load; host application that is, Software-as-a-Service and manage applications which are used by many users. Public cloud computing is very economical because it has few capital overheads and operational costs.   THE PRIVATE CLOUD This is also known as the internal cloud. In private cloud, cloud computing services are offered on a cloud-based secure environment. The environment is usually protected by a firewall governed by an IT department which belongs to a particular organization. In private cloud, the user is given a greater and di

IoT

Posted By Go2IT Group
March 18, 2021 Category: General

A promising new technology trend is on the rise. Internet Of Things, or IoT. Have you heard of it? Many “things” are now being built with WiFi connectivity, meaning they can be connected to the Internet, and to each other.  The Internet of Things is a way of the future and has already enabled devices, home appliances, cars and much more to be connected to and exchange data over the Internet.   As consumers, we’re already using IoT and may not even realize it. We can lock our doors remotely, preheat ovens on our way home, track our fitness on our watches. However, businesses also have much to gain now and in the near future. The IoT can enable better safety, efficiency and decision making for businesses as data is collected and analyzed. It can enable predictive maintenance, speed up medical care, improve customer service, and offer benefits we haven’t even imagined yet.   We’re only in the beginning stages of this new technology trend: Forecasts suggest that by 2030 an average of 50 billion of these IoT devices will be in use around the world, creating a massive web of interconnected devices spanning everything from smartphones to kitchen appliances. The global spending on the Internet of Things (IoT) is forecast to reach 1.1 trillion U.S. dollars in 2022.   If you wish to step foot in this trending technology, you will have to learn about Information security, AI and machine learning fundamentals, networking, hardware

866-424-1233

Contact Us

 

26260 Center Ridge Rd., Westlake OH 44145

© , The Go2IT Group, All Rights Reserved
  • Privacy Policy
  • Terms and Conditions
  • Email Us
  • Blog

  • Powered by Virteom Logoirteom