How to Prevent a Ransomware Attack
Posted October 23, 2015 by Ben Hicok
Cybersecurity is one of the most important things to consider when it comes to business IT operations. One growing problem has been the advent of the “Cryptolocker” and other Ransomware virus’s that have become prevalent since September 2013 the potential for loss is at an all-time high. Not only do these new Ransomware viruses’ lock up the system, they also encrypt the files. This ensures that business’s pay up even if the malware itself was deleted. Now you have to worry about the cost from downtime while locked up and the loss of critical data, as well as the additional cost of the “Ransom” the hackers are demanding to unlock them. The “Ransom” collected has been estimated to be in the tens of millions.
It was at this time in 2013 that IT insiders predicted that conventional threats like Ransomware were likely to evolve gradually, as cybercriminals will focus mainly on refining existing tools and they were right. It will continue to get worse. Recently we have seen these new variations of the “Cryptolocker”.
- Critroni or Curve-Tor-Bitcoin (CTB) Locker came about in 2014.
- CTB Locker introduced another variant in 2015 that had a “freemium” – free decryption service.
- In 2015, TorrentLocker Ransomware attacks were prevalent in the Australia-New Zealand region. This particular ransomware adds CAPTCHA code and redirection to a spoofed site.
Cybercrime is growing at an alarming rate with experts warning that it will cost business’s trillions by 2019. New Ransomware variants are released daily and antivirus programs are unable to stay ahead of the criminals. Because many organizations are unprepared to deal with Ransomware, the programs are very profitable to the organized crime syndicates creating them. According to law enforcement, one variant of Ransomware called CryptoWall has generated over $15M in ransom payments as of July 2015. More information about Ransomware can be found on the Wikipedia page: https://en.wikipedia.org/wiki/Ransomware
HOW TO PREVENT A RANSOMWARE ATTACK?
First off, you need the in-house expertise of a dedicated IT security team or a capable Managed Security Service Provider assisting you. The power of a team of experts that are always training and educating themselves on the current threats will give your business a leg up on the competition that chooses to be reactive in their approach.
Until recently, the only method of recovering from a Ransomware attack was to remove the infected computer from the network and restore encrypted files from backup. A new tool called CryptoPrevent exploits a weakness present in most Ransomware variants that prevents it from executing in the first place. CryptoPrevent is a Ransomware vaccine. Even if your computer is exposed to Ransomware, it will not be able to do its damage. Additionally, if Ransomware is detected on a machine it will notify the technical team at CNS so that we can verify no damage was done.
CNS has recently purchased an unlimited license of the CryptoPrevent tool. We have deployed it across our customers’ networks. CryptoPrevent is a lightweight tool that uses less than 1MB of memory and will not slow down systems. We deploy to workstations, laptops, and terminal servers.
In addition to helping clients prevent ransomware attacks, CNS offers complete network security solutions. Schedule a FREE Security analysis to see if you are protected with a Best in Class defense. https://cnsit.com/complete-network-security-cns/