Helping to prevent the spread of Ransomware.
At Mirus we continue to proactively look for solutions to protect our clients against the latest security vulnerabilities and threats. We have developed a solution which will help prevent known ransomware from encrypting your data and will notify us as soon as an encryption attempt takes place which enables us to act as quickly as possible if a device has become compromised.
Our new crypto blocking tool enables us to better detect ransomware on our managed clients devices as well as stopping the spread across your network before infection becomes too deep. If ransomware is detected it will automatically block and isolate the affected user so they are unable to make any new connections to other servers.
If you are highly concerned by the threat ransomware poses on your data we are also able to stop and disable the LANMAN Server Service on a ransomware detection to take all shares offline until the threat has been identified and resolved.
Early detection and notification!
The solution will then automatically raise a critical ticket with the Mirus Service Desk who can then enable the following process;
- Service Desk make contact with the user and take machine off the network
- Once the machine is off the network, the individual users account can be enabled and the deny share permissions removed
- The user is then able to log-in to another machine and continue working
- Mirus then make arrangements to clean and rebuild the infected machine
No one can guarantee you'll never be infected due to the ever changing nature of the threat landscape, however best practice and user resilience can help reduce your exposure.
What is Ransomware?
- Ransomware is a trojan that targets computers running Microsoft Windows Operating Systems
- Ransomware became a greater threat when cyber criminals requested payment using Internet Bitcoin currency, estimated to have cost businesses $1 billion in total by the end of 2016
- It is often spread through email attachments and infected websites which carry malware
- Your computer and software keep on working, but your personal files, such as documents, spreadsheets and images, are encrypted
- As part of a business network it can spread quickly and efficiently to all networked devices
- The criminals then retain the only copy of the decryption key, giving you a period of time to pay them for the key to release the data
- Bitcoin is an Internet currency that allows for anonymous transactions, because of this anonymity it is extremely popular with cyber criminals Educate your users!
One of the most common ways for any type of virus, malware or ransomware to enter a network or individual machine is via user action. This may take the form of clicking a link in an email or browsing to websites that carry malicious software packages.
The best education for users we can pass on is as follows;
- Be aware of what you are opening and browsing to, look for anything suspicious that doesn’t look right or genuine. Things like fake LinkedIn connection emails are a common one that’s used, but the level of detail and quality of the copy can mean users are easily fooled. Hover your mouse over the link before you click it and the web address you are going to will show up, check it looks genuine.
- Take action! If you see something you are concerned about then report it and get it checked before proceeding.
- Should the worst happen and you get infected turn the machine off as quickly as possible and get it inspected by an IT professional.
Want to know more about your Cyber Security vulnerabilities?
Unfortunately there isn't a one stop fix to guarantee that infection will not occur, due to the wide variety of strains and methods in which it could enter your network. The required approach involves multi-layered levels of protection, including but not limited to user training, next generation firewalls, anti-virus, email security and strong password policies.
To book a free Security Assessment to understand your particular vulnerabilities click the link below to speak to one of our experts.