Don’t become the next victim of ransomware, what you should do.
Investing in IT Security is no longer a luxury, but a necessity for all businesses.
2017-07-17
By QuickTec IT Support and Services
In the last month we’ve seen the words Wannacry, Petya and Goldeneye hit international headlines as these ransomwares ripped across the globe attacking companies and demanding payments of thousands of dollars in Bitcoin in order to retrieve their encrypted data. Even for those who successfully retrieve all of their data, their reputation is irrevocably damaged as suppliers and customers know that their private data has now been compromised.
After the Wannacry threat last month, it emerged that those who had fallen victim had not been applying their security patches and updates on their Servers and PCs, which left security loopholes open, making them vulnerable to such attacks. And as organisations such as the HSE and the NHS were forced offline for 2 days and scrambled to apply their patches and updates, the rest of us had a lesson well learnt: apply your security patches and updates and layer your security.
But had companies actually learned a lesson?
Less than 6 weeks later, ransomware made headlines again last week, with Petya/Goldeneye hitting countries from Russia to Australia and affecting offices in Ireland. Russia’s shipping giant Maersk fell victim, as did Russia’s top oil producer, Rosneft, Ukraine’s central bank and metro system, Kiev’s Boryspil Airport, Spanish food giant Mondelez and U.S. pharmaceuticals company Merck. Here in Ireland, both phones and PCs were out of action at Merck's Ireland offices, and employees were sent home.
However, what you often hear here in Galway, this safe haven, away from the scary viruses, malware, and ransomware that we only hear about in the papers hitting Russia or large global companies, is “what interest would hackers have in a small business in the West of Ireland?” Years ago, people at smaller organisations would operate under the assumption that they didn’t have anything anyone would want and therefore were safe from attacks. With ransomware indiscriminately hitting people, it has really caused a realisation that anyone and any business can be a target and everyone needs to think about these things. At QuickTec, we’ve had calls from a small accountancy firm with 4 employees to an engineering company with over 100 employees saying, “there’s a message on my screen asking for $3,000 in Bitcoins, what do I do?” Our first question is, "when is the last time you backed up?". And so begins the process of getting that company back online with minimal damage to their data, money and reputation.
But with GDPR (General Data Protection Regulation) about to hit in May 2018, companies need to focus more on prevention rather than cure, and invest in the security of their IT systems and data. With WannaCry and Petya laying the path for ransomware in future, what can you do to protect your business?
Apply Security Patches and Updates
Microsoft release security patches and updates every 2nd and 4th Tuesday of the month so it’s imperative that you are regularly applying these updates. If you don’t have an internal IT Department, don’t assume that your outsourced IT Support provider is doing it. We include Patch Management and Updates in our Support Contracts but we’ve gone on new sites where their previous providers hadn’t applied security patches in over 12 months.
Implement layers of protection
You can’t just rely on your firewall or just your anti-virus. You need to have a firewall, managed anti-virus, make 2 factor authentication a central part of your security tool kit, encrypt all of your mobile devices, create strong complex passwords for all of your devices and change them regularly.
Change your passwords
Each device that connects to the internet comes with a default password. Change them. Use uppercase, lowercase, numbers, symbols, at least 8 characters and use different passwords for different devices. Recently, attackers have hacked IT Systems through printers whose owners had not changed the default password. The same goes for IoT (Internet of Things). If you have bought a device for your home which connects to the internet, make sure that you change the default password.
Choose the right Firewall
A Firewall is a software program or piece of hardware which helps protect your Network or IT System from unauthorised access such as malicious hackers, viruses and worms that try to reach your PC over the internet. Firewalls are not to be confused with your broadband router box and it’s important that you choose the right Firewall for your needs. Watchguard firewalls are U.T.M. (Unified Threat Management) devices, which are more than just a firewall and give you multiple layers of protection. The Watchguard Firebox will give you the capability of blocking your employees from accessing websites under categories such as pornography and gambling. It also allows you to create a VPN (Virtual Private Network), so that you can safely and securely access your files on the server from home over an encrypted connection. Watchguard have released a new feature with their Firewalls called APT Blocker (Advanced Persistent Threats), which puts a stop to these fast moving and persistent threats by using a next-generation cloud sandbox that simulates physical hardware, exposing malware designed to evade traditional network security defences. Do your research and choose a Firewall that suits your business’s requirements.
Educate your employees
You can invest in the best IT Security system in the world, but if you fail to educate your employees on how to spot a spear phishing email or a malicious website, social engineering, the importance of creating strong, complex passwords or the risks of using USB keys, then you are still at risk of falling victim to ransomware or other forms of hacking.
Upgrade your old systems
Windows XP PCs or old Windows 2003 Servers are no longer supported by Microsoft and are a much higher risk to your business. Windows Vista will no longer be supported as of April 2018. To be fair, there are a lot of challenges some organisations have in upgrading, sometimes they’re using old software that is only compatible with XP and to upgrade the software will involve a huge investment. Or the age-old quip pipes in “XP are great, if it’s not broken, why fix it?” However, once it “breaks” it may no longer be fixable.
Back. It. Up.
Regularly.
Using the 3-2-1 Back Up Strategy.
A 3-2-1 strategy means having at least 3 total copies of your data, 2 of which are local but on different mediums and at least 1 copy offsite. For example, store your data on your server, back it up to a NAS (Network Attached Storage) device, then back that up to an online Cloud back up. Then decide how regularly you want to back it up: most companies back up each night, whereas some will decide to have regular back ups throughout the day depending on the type and amount of data you’re processing each hour. There are different ways to back up your Physical Server. You can back up your data to a NAS, external hard drive or Cloud. Or you can create a virtual environment and create a full replication of your Server, its operating system, profiles, programmes and applications on a NAS. The difference between both solutions is how much downtime you can afford in your Disaster Recovery Plan.
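The 3-2-1 rule above can be checked automatically against a backup inventory. The following is an added example, not QuickTec's own tooling; the copy names, the sample inventories and the 26-hour freshness limit are assumptions chosen to fit the nightly schedule mentioned above.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Copy:
    name: str          # label for this copy (constructed sample names)
    medium: str        # storage medium, e.g. "server-disk", "nas", "cloud"
    offsite: bool      # True if held away from the premises
    last_ok: datetime  # last successful backup (or "now" for live data)

def check_321(copies, now, max_age=timedelta(hours=26)):
    """Return a list of 3-2-1 violations; an empty list means compliant.

    Assumption: a copy only counts if its last successful run is within
    max_age, so a silently failing job cannot satisfy the rule.
    """
    fresh = [c for c in copies if now - c.last_ok <= max_age]
    problems = [f"stale copy ignored: {c.name}"
                for c in copies if now - c.last_ok > max_age]
    local_media = {c.medium for c in fresh if not c.offsite}
    if len(fresh) < 3:
        problems.append(f"only {len(fresh)} current copies, need 3")
    if len(local_media) < 2:
        problems.append("local copies must sit on 2 different mediums")
    if not any(c.offsite for c in fresh):
        problems.append("no current offsite copy")
    return problems

# Constructed sample inventories (not real data).
NOW = datetime(2017, 7, 17, 9, 0)
SERVER = Copy("server", "server-disk", False, NOW)
NAS = Copy("nas", "nas", False, NOW - timedelta(hours=8))
CLOUD = Copy("cloud", "cloud", True, NOW - timedelta(hours=7))

GOOD = [SERVER, NAS, CLOUD]
# Cloud job has been failing for 9 days: the offsite copy no longer counts.
STALE_CLOUD = [SERVER, NAS, Copy("cloud", "cloud", True, NOW - timedelta(days=9))]
# Second "local backup" is just another folder on the same server disk.
SAME_MEDIUM = [SERVER, Copy("server-folder", "server-disk", False, NOW), CLOUD]

if __name__ == "__main__":
    for label, inv in [("good", GOOD), ("stale cloud", STALE_CLOUD),
                       ("same medium", SAME_MEDIUM)]:
        print(label, "->", check_321(inv, NOW) or "compliant")
```

Feeding this from the real job logs of each backup target turns the rule into something that can be monitored daily rather than assumed.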
Establish what your Disaster Recovery [DR] Plan is
If you were to become the victim of a cyber threat, how long can your company afford to be down? If you’re lucky enough to have the type of customers who don’t mind you not getting back to them for a day or 2, or you have the type of employees who don’t mind being sent home for 2 days without pay, then you don’t have to invest hugely in your Disaster Recovery Plan. However, if you need to be back up within a day, a few hours, or immediately then you need to be prepared to spend money on your DR plan. We find from speaking to companies in Galway that there is a lot of contradictory information out there about what the “Cloud” is and what it is doing for your business. We’ve spoken to managing directors who’ve told us “we have everything backed up to the cloud so if anything were to happen we can go home and work immediately from our laptops.” However, there is a huge difference between backing up your data to the cloud versus hosting your virtual server in the cloud to having a cloud disaster recovery plan. Sit down with your IT department or your outsourced IT Support provider and make sure that you understand what your Disaster Recovery Plan is. Don’t assume that you have one, if you haven’t asked for one.
Question your IT Manager, IT Department, IT Support Provider
Arrange a meeting, sit down and make sure that you understand how your whole IT System works, how it is being protected, where it is being backed up to and what your Disaster Recovery Plan is if anything goes wrong. Don’t expect that this is the sole responsibility of one IT Manager in your whole organisation. If you’re attacked, it won’t be your IT Manager who has to face your shareholders, suppliers and customers. It’s the responsibility of the whole organisation. Also, one person can’t be expected to keep on top of every new piece of technology and malware and IT solution being released each week. With a local outsourced IT Support Provider, you have the benefit of having a team of IT Engineers who are working with lots of different companies and understand industry best practice, are sent on regular training to keep up to speed with the latest technologies, and together can create the best IT solutions for their customers. It also means that you are not relying on one single person for your whole IT System, what happens if they become ill or decide to leave the company? Outsourcing your IT Support means that you have several engineers who are familiar with your site and are able to provide you with support when you need it without having to wait for one person to get back to you.
Look at Managed Services
Once you decide to invest in the security of your IT System, don’t overlook the importance of managing and monitoring your IT System too. Managed Services is a proactive type of IT Support that pre-empts an issue before it happens and fixes it in the background minimising disruption to you and minimising downtime. Managed Services is what allows companies like us to apply security patches and updates on your Server and PCs, allows us to manage your Anti-Virus, monitor your backups, be alerted if a hard drive is about to fail in your Server or your storage is filling up. Managed Services also allows a quicker SLA with initial response times being as quick as 1 hour. It will give you peace of mind knowing that your IT Support Provider is managing and monitoring your IT System 24/7 alongside implementing a strong IT security plan for your business that includes educating your employees about IT security.
Wake up
These latest attacks have emphasised the importance of being prepared for ransomware threats. If you are one of the many businesses that don’t have a Disaster Recovery Plan and who haven’t evaluated their ransomware threat readiness, you’re not alone but now is the time to act. Strong security and a comprehensive defence strategy are key to mitigating your company’s data vulnerabilities and should include a data management strategy and employee education.
Don’t become the next victim of ransomware, act now.
If you would like help with implementing your company’s IT Security plan or to learn more about Managed Services, call Sara at QuickTec IT Support and Services on 091756070 www.quicktec.i