On May 31, 2018, Security Intelligence published a mid-year article “Are Ransomware Attacks Rising or Falling?” (https://securityintelligence.com/are-ransomware-attacks-rising-or-falling)
- Ransomware is the top variety of malicious software, 76% of breaches were financially motivated, and 28% of attacks involved insiders (employees).
- Ransom-related attacks are moving to more targeted methods, focusing on quality rather than quantity of targets according to F-Secure.
- In 2017, Malwarebytes tracked a 90 percent increase in Ransomware over 2016, with monthly increases up to 10 times the rate observed the previous year.
Many of the following items are managed for you by LeeShanok. Please review the following checklist, and schedule a call with your LeeShanok Account Manager if there remains any uncertainty.Monitor Activity – Be made aware of attacks that get through firewall. Blacklist – Slenders, domains, and geographies that have sent malicious messages. Backups – Back up servers and file shares regularly, and periodically validate effectiveness. Some backup strategies involve multiple sources and destinations, and may include software from more than one manufacturer. This adds to the complexity but the objective is the same, make sure you can recover from disasters. User Profiles – If your user’s profile folders are on their local PCs, consider re-directing them to a common storage location that is included in backups. Patches – Apply patches to Servers and end-user computers, Windows, devices, and software. It’s true that updates occasionally cause problems, but a lack of updates will certainly increase vulnerabilities. If your server has updates in queue, don’t wait too long to apply and reboot. End-Point Protection – Protect PC’s with antivirus/antimalware software from respected providers (we recommend Trend Micro). Make sure subscriptions haven’t expired and that real-time protection is active. Central purchasing and administration allows for consistent protection, alert handling, license renewals Windows Firewall – Protect end-user computers with active Windows Firewall, or use the firewall if present in your antivirus software. Network Firewall – Periodically review your network firewall to make sure it receives software and firmware updates and is supported. Businesses providing internet access to customer’s through a business center or guest-wifi will benefit from content filtering and traffic shaping. We recommend Cisco Meraki and Cisco ASA with FirePower.
Network Segmentation – Segment your network into logical groupings, limiting access by an attacker.
Educate Users – Let us host a free workshop for employees and satellite offices on “IT Security for the Common Worker”, and we will even supply lunch for your team.
Your Technology Partner,
The LeeShanok Team