WannaCry is an aptly named piece of malware, because if you get it, it will encrypt all your files and you will have to pay to get them back (unless you have a backup). WannaCry is the most recent face of the ransomware genre and has made a big splash in Europe, specifically the Russian Federation. This piece of malware targets a defect that was made public on April 14, 2017 as part of an information leak about the NSA’s hacking tools. There is even already a patch that stops this malware from working. It was released the month BEFORE the leak, on March 14, 2017. If your computer is up to date, you don’t have to worry … at least about THIS piece of malware.
Ransomware is a topic we have covered a couple of times before: here and here, but it is a constant, ever-evolving threat. We’re going to go over the things you can do, and should be doing, to protect yourself from these (and other) threats. Since we’ve covered some of these topics before, we won’t go into great depth on them here, but will link to where they are covered in depth.
Protecting Your Network and Computers – A Castle Strategy
Proper cyber-security should be approached as a multi-layered defense, much like a city’s defense in the Middle Ages. You wouldn’t only have a wall around your city, but you might also have a moat, a cleared field of fire, guards watching the entrances, police or guards inside the city, and maybe even an inner wall protecting the innermost part of the city. For very basic protection, you may only have walls made out of logs or earth. More advanced protection would be made of stone. The depth of defense is limited only by the money you spend. So, let’s see how far we can stretch this metaphor. …
A Good Field of Fire – Email Virus and Spam Filtering
Ideally, you want to eliminate attackers before they even get to your wall or have a chance to get into your network. Having good spam and virus filtering on your email will do a lot to prevent viruses from getting in, as this is a common threat vector. Generally speaking, you want to use an email hosting service that specializes in email hosting, not just the hosting that comes with your website. Hosting services that specialize in email hosting will do a better job of filtering your emails for spam and viruses.
Your Wall – Your Firewall
In the castle analogy, the outer wall is your firewall. Read more on firewalls here. Now, any wall is going to be better than no wall, but there is a large difference between the wooden wall and the stone wall, just like there is a big difference between the firewall you get from your internet provider, or the cheap one from Best Buy, and a Next-Generation firewall. Your basic firewall is just a wall. A Next-Gen firewall is like a wall that has holes in it where you can pour down boiling oil onto the intruders, smarter guards that ask better questions of people trying to sneak in, an intelligence service monitoring other cities with walls to see what is going on there that might help you, and many other things. For example, we sell SonicWall products. They identified the WannaCry attack in mid-April and pushed out updates to their firewalls then.
You also need to make sure that your firewall is properly configured. An improperly configured firewall is like leaving the gates wide open and saying “Well, we’ve got this wonderful wall, what could possibly happen?”
Your Guard and Police Force – Anti-virus
AV is the guard and police force of your computer. Read more on AV here. Modern, active anti-virus scans things as they come onto your computer and also scans things already on it. So, in our metaphor, not only does it check the people as they come through the gate, it roams the city looking for troublemakers to take care of.
Your Maintenance Crew – Patching and Updating
Keeping your system up to date is absolutely vital. Read more on Patching here. Just like a castle needs maintenance, so does your computer. Some of the things aren’t going to affect the security of your system, maybe like repainting rooms in our metaphor, but others are going to do things like remove secret entrances from your computer/castle, hopefully before someone uses them with malicious intent. So, while keeping your system (aka castle) in good repair may not seem like a big deal, if you have a secret entrance for the bad guys to use, it can allow them to bypass all the other carefully thought out and implemented security.
Of course, there is one downside to patching your computer. Occasionally someone will release a patch that actually does something bad to your computer. Think of it like accidentally burning the castle down when you are trying to clean it. So, knowing which patches to delay installing is sometimes a very important thing.
Other Security Features
The above items are all in the reach, pricewise, of every organization, at least for the basic versions. They are also all necessary for every organization (and person). If you are a larger company, or one very concerned with security, there are lots of other options available to you. You might consider changing to a white-list system (you have to be on the list to get in) where only approved things are allowed to be installed and run, or maybe an Intrusion Detection System (police roaming all around the city).
Backup – Breaking the Metaphor
I think we did a good job of keeping the metaphor going, but now we have to break it as there is no “real world” equivalent to backup. Backup is what is going to let you recover in the event that your security features fail (or your city just burns to the ground because a cow kicked over a lantern). As we’ve discussed before, backup can take many forms and has a wide range of prices. You should be backing up your data, regardless of whether you are an individual, or a company of thousands. There is no valid reason not to.
But I’m Not Really a Target
WRONG! Everyone is a target, especially for ransomware. The makers of this stuff are just trying to get as many computers as possible so they can make money. They don’t care if it is a grandmother who is losing pictures of her grandkids or a large multi-national company that has all the information about its next big product locked up. Just because you aren’t Wal-Mart does not mean you aren’t a target. In fact, cyber-criminals are beginning to learn that while the payout from a Wal-Mart might be huge, it is way, way easier to penetrate a bunch of small businesses instead.
Getting Your Defenses Up and Running
If you are lacking any of the things in this post, start working on it:
- Email filtering
If you don’t know where you stand, or don’t know what to do, then contact us. We will be more than happy to come out, evaluate where you are, and make recommendations for where you can go, all free of charge. We will work with you to make sure that you get the best solutions for your budget and start addressing any vulnerabilities.