ANTI RANSOMWARE KIT

b_ransomware

Recently, the dangers of so-called ransomware, their rapid spread and the associated damage have been increasingly reported. Thousands of businesses and individuals have been infected with this kind of malware worldwide in recent years. There have been immense damages.

The recent, particularly rapid spread of ransomware shows clearly that IT security is a continuous, changing process, in which one must not miss the connection.

Below we have put together some current information on this topic:

WHAT IS RANSOMWARE?

Ransomeware is a malware injected into systems or devices. Their purpose: to force ransom payments (ransom for ransom); mostly using encryption trojans that disable data.

REZA KORDI

WHO IS AFFECTED?

Everyone can be affected, both businesses and individuals. Ransomware does not target specific systems, but suggests where the opportunity presents itself.

HOW DOES RANSOMWARE WORK?

Ransomware gets itself on the same way on computers and networks like a virus, eg by an email attachment, a Web banner, PDF / ZIP files or also over infected web pages. There, this software encrypts all of the accessible user data and creates an encryption key. Subsequently, the request for payment of ransom, so that the data is decrypted again and thus become usable. Such payments are usually made in virtual currency and are therefore not traceable.

WHAT IS THE GOAL OF SUCH ATTACKS?

Ransomware serves to extort money (money). Behind this is a business model of a criminal nature.

WHAT IS RANSOMWARE AIMING FOR?

Whole IT systems and data are taken hostage by ransomware.

HOW CAN WE PROTECT OURSELVES FROM IT?

There are many different measures that can successfully prevent or at least aggravate attacks. The following starting points help:

  • Skilled staff – increased safety awareness – common sense
  • A lived safety culture
  • A working and regular data backup strategy for easy data recovery (backup / restore)
  • A network protection strategy (firewall, proxy, DNS protection, SSL interception)
  • A client and server protection strategy (Anti-Virus / Client Firewall)
  • Secure computer and user settings (accounts, passwords, …)
  • Regular patching and updates

WHAT TO DO IN CASE OF INFESTATION

  • Immediately remove infected systems from the network, shut down servers at best (damage limitation precedes operational business!)
  • instant escalation to experts
  • Record the exact time of the determination, note the user and the machine
  • Do not pay a ransom!
    Even with the payment of ransom the malware remains and you can still be blackmailed. In addition, there is no guarantee for the decryption despite ransom payment.

IDENTIFY TYPICAL VULNERABILITIES WITH OUR CHECKLIST:

1.

Are your employees trained in safety issues and sensitized to the dangers?

SECOND

Do you protect Internet access in real time with A / V and online engines?

THIRD

Did you activate the firewall function on your machines?

4TH

Are your critical data encrypted?

5TH

Have you minimized access to your systems as far as possible?

6TH

Are end devices centrally managed and protected?

7TH

Do you regularly run automatic updates and security patches?

8TH.

Is your firewall regularly updated and professionally monitored?

9TH

Are you able to restore your critical systems in the required time?

10TH

Do you control access to data and system and do you have an audit tool?

11TH

Do you protect Internet requests with secure DNS requests?

12TH

Do you conduct regular IT security assessments (assessments)?

13TH

Does your current anti-virus protect against new types of malware in real time?

14TH

How often are the security settings checked on your firewalls?

15TH

Do you have a current Business Continuity (DR) concept?

16TH

How do you manage your passwords? Do you use password management tools?

17TH

Is your remote access protected with 2 factor authentication (SMS or token)?

Could not you answer all questions clearly or do you want to make sure your environment is secure? Contact us!

WE ARE HAPPY TO ADVISE YOU ON AN INDIVIDUAL DISCUSSION OR
WORKSHOP.

Call us on 041 240 49 49 or fill out the form below for a callback:

SO WE CAN ASSIST YOU IN DEFENSE
OF DANGERS:

  • Security Assessment
  • Training of IT staff
  • Endpoint Protection
  • Network-based protection
  •  Provision for data recovery

SECURITY ASSESSMENT

Our specialists carry out security assessments for companies as required. Current security solutions are analyzed and evaluated. Thus, we can propose appropriate measures that further increase the efficiency and effectiveness of safety precautions.

TRAINING OF IT-STAFF

If required, our specialists train the staff of our customers in topics of IT security. In addition to awareness raising, it is also about how to develop appropriate strategies to increase safety.

ENDPOINT PROTECTION

The endpoints, as the main gateway for malware of all kinds, should receive special attention. Up-to-date and correct configuration and the use of an effective anti-malware solution can already significantly reduce the risk of damage. In collaboration with various security companies and experts, we have developed a concept that ensures effective protection against malware and ransomware.

Our experts support you in the conception and implementation. The updating of operating systems and applications is also a necessary obligation, because obsolete systems are easily the victims of attacks and pests of all kinds.

NETWORK-BASED PROTECTION

Intelligent network-based protection mechanisms are a simple and fast way to largely block another major malware entry gate and isolate one’s own network from dangerous areas of the Internet. There are different solutions from different providers. The correct use and the correct configuration, as well as a regular check and adjustment of security settings are central here.

Attackers are systematically looking for open or misconfigured communication channels. For example, today, 86 percent of companies allow SSL access (https: //) as secure traffic, but only 18 percent of these companies scan and control it. These channels are very often used for the spread of Trojans or Ransomware.

We therefore recommend that you keep the firewalls up to date and check them regularly. The implemented security concept should only allow systems and communication channels that are actually needed. Thus, also accesses of all kinds of unwanted countries should be blocked. Servers that do not require external communication should also not be allowed access to the Internet. With these recommendations, the risk potential can be limited in principle.

Wide’s security specialists can help develop a suitable multi-level approach to protecting your own network.

DATA PREPARATION PREVENTION

The last line of defense and at the same time the most important instrument against ransomware is the restoration of data. This requires a solution that includes not only the actual backup, but also the restore process. In addition to concept and evaluation support, we also offer a managed backup service that allows customers to implement an efficient backup solution without making large investments themselves.

Add a comment

*Please complete all fields correctly

Sicherungen

RedHat-SAP
Lightning-city-monsoon
Mitteilung

„Unsere Kompetenzen fügen sich hervorragend in das Leistungsangebot von Bechtle in der Schweiz ein. Wir freuen uns darauf, unsere Aktivitäten unter dem Dach von Bechtle kräftig auszubauen und unseren bestehenden Kunden ein noch umfassenderes IT-Lösungsspektrum aus einer Hand verfügbar machen zu können“, sagt Reza Kordi, Managing Director, Wide Technology Partners AG.

Mehr erfahren