IT Security and Cyber Security Solutions
A hot topic at present, brought in to the limelight because of an increasingly aggressive form of attack called ransomware. Most people may not have heard of this term but will be familiar with the wannacry attack that hit companies throughout Europe, including the NHS. The concept of ransomware is exactly how it sounds, you are held hostage for a ransom. To be clear I don’t mean that a stranger confronts you in an alley and threatens you with a keyboard and mouse until you pay them.
So how is this achieved? Well the answer is using encryption; essentially someone will install a piece of software on to your machine, which may be via an email attachment, a fake website or even through another piece of malware that was unknowingly installed previously. Once the software is installed it will silently (meaning in the background without your knowledge) run on your PC and any mapped drives the user has access to, for instance a public drive, and encrypt the files. Fortunately, since this nasty type of attack started, antivirus companies have been hot on the heels of the attacks and can generally stop them before they complete their task. Unfortunately, if it is a new variation then after all the files are encrypted, not only will large parts of the machine cease to function, but a window requesting an amount of money will appear stating that if payment is not received within the specified days, then all the data will be lost. In most cases where the money has been paid the files have not been decrypted, so the advice is to NOT pay the ransom.
So, what are some of the measures that can help to prevent or recover from any form or computer attack?
Firstly, and most importantly are backups. Without a fully functioning backup the data is most likely lost forever. Secondly antivirus; there are many free versions available, but they are often only for home use, and only have basic features, such as no real time scanning, meaning unless manual scans are run then the infection is free to do as it wishes. User training is another effective way that pushes the enfaces on to everyone, making them more aware of what to look for, as most issues arise due to users not being fully aware of the effects of random attachments and suspect sites.
Although the above focuses predominantly on ransomware other threats such as hackers, malware and viruses are no laughing matter unless you are feeling the overwhelming victory of your system finding and destroying an attempted attack of your machine. I think we would all feel smug that we just beat a criminal mastermind that is sitting at his machine not having washed for days eating Cheetos.
As well as the above measures there are still further steps that can be taken to secure both individual machines and whole sites:
- Web filtering
- Email Encryption
- Password management software
- Regularly installing updates
To find out further information or discuss your current security please get in contact before you become another victim of cybercrime.