Over a year ago, we wrote a blog post on the infamous Cryptolocker Virus and how to take precautions against it. Since then, the virus and others have morphed and continue to wreak havoc on businesses. We have seen the damage first hand to some of our customers and have worked to help them recover. We have also worked hard to see that our Managed Services customers are not vulnerable to the virus.
In a recent article from smartcompany.com, David Markus writes that these viruses are very present and costing his IT company and their fully managed clients unnecessary cost. He is seeing mulitiple attacks every week with emails that look like a delivery notice with a link for tracking delivery. He is seeing new versions of the Cryptolocker Virus on a recurring basis. Attacks usually occur because the PC has failed to see the danger signs and executed the code. The virus then encrypts local data on the hard drive and anything it can access on the network drive.
As we stressed in our previous blog post on the virus, Markus also warns against paying any ransom. Contacting your IT professional immediately is critical to retrieving your data. The other is to have your IT professional monitor your devices on a regular basis to ensure that all your updates are installed and you are protected to the fullest. Here are some basic steps you can take to avoid the Cryptolocker Virus and others:
- Give guidance as to what to look for in emails. When receiving an email with a link or button to click, check who is sending it. Sometimes, if you hover over the web address, it might actually say an address other than the one appearing in the email. Be very careful of email attachments. Especially avoid clicking on attachments with .zip or .php.
- Keep all of your devices up to date with software patches. We cannot stress this enough. Any server with internet access should run the most current versions of antivirus software and ensure that they are updated.
- Use advanced Firewall tools that can block encrypted methods.
- Use advanced Backup solutions that take regular snapshots of data throughout the day.
- Offsite Backup is a must for any business today.
- Keep your staff up to date on the latest cyber threats. (Your Managed Services provider can supply this information.)
- Have an incident response plan.
Open Forum, the American Express blog, recently also wrote on cyber threats to the SMB. The article highlighted the fact that as Fortune 500 companies improve their security, hackers are focusing on SMBs, who are more vulnerable and do not always have the same tech resources, Again, the article reinforces the need for awareness and education. “Cybersecurity starts with employee awareness, so the more you teach them (employees) about threats, such as phishing scams, adware, malware and viruses, the better.”
Please feel free to contact us with any questions about cybersecurity, such as educating your employees and enforcing an incident response plan.