With the rise in global Ransomware attacks on business, it’s important to stay informed on what actions are responsible for these viruses and how to avoid them. Although viruses of these types are no new news to anyone, since May 2017, Ransomware attacks have been worse than ever. Hackers have found and leaked various ways to exploit Microsoft operation systems in order to enter, retrieve, lock and encrypt all files in a company’s network, leaving companies with no option but to pay their attackers in untraceable Bitcoins for the retrieval of their encrypted files and servers. The FBI has reported that there are only a few ways to retrieve your encrypted files: 1) Return to a previous backup system, 2) contact security agencies for help, or 3) pay your attackers, however, the chances of getting back your encrypted systems, even through these methods, remains low.
How Ransomware Attacks May Happen to You
While the chances of an already attacked business unlocking its servers is unlikely, knowledge is power and understanding the various ways that these hackers can work their way into your system can keep you out of harm’s way. While many attacks are initiated through email bait, the public’s awareness of the danger of clicking links in foreign emails has taught hackers to come up with clever and unconventional ways to get into your systems. Make sure to understand the various ways your business’s system may be vulnerable to ransomware attacks. Take these actions to keep your networks from getting infected:
Charging Your Phone at Work
You heard that right. When you connect to Wi-Fi networks at friend’s houses, coffee shops, public cities, and various other locations outside your business, you are actively storing cookies on your phone. If hackers placed anything on those networks and you then charge your phone by plugging it into your work desktop, all those cookies can be released onto your work system and cause for a business-wide system encryption (which is not worth the headache of missing a couple texts.) These ransomware attacks are incredibly difficult to reverse. Here’s what you can do to prevent this:
- Make sure that you delete all website cookies on your phone’s browser before connecting to any systems at your work via Wi-Fi or USB cords
- Charge your phone by plugging it into the wall; never plug it into your desktop.
Hidden Devices on Your Computers
Whether or not you’ve seen any suspicious activity at your office, you should make sure to check all computer ports on every desktop at your work to look for any foreign devices. These may be ethernet cables plugged into the wall on unattended computers, or even small USB devices (such as USB devices masked as Bluetooth mouse connectors) plugged into the back of your desktop. These can easily be placed by hackers working in, say, your building’s cleaning service. When left alone, these devices will monitor, live-stream, and save all of your network activity to hackers’ systems, causing for nasty ransomware attacks. Here’s what you can do to prevent this: Inform your employees of these system exploits and tell them to regularly check their desks for unknown USB devices, cords, or SD cards plugged into ports at their workstations. Be especially wary of unattended computers at previous employees’ desks.
Former Employees with Password Access
Whether or not you trust your old employees to not hide their old work passwords, if their personal computers or home systems are hacked while your company’s passwords are stored on it, your business may be at great risk for ransomware attacks. Here’s what you can do to prevent this: Make sure to reset any passwords your employees have access to when anyone moves on from your company. This can keep you and your system out of harm’s way.
If your employees’ personal email is compromised, hackers can often reset passwords for work-related servers connected to their work emails. To put it in layman’s terms, when you create an account with your work email, you are often required to set up a backup email in case you forget your password. Links can be then sent to the backup email for you to change your username and password. Businesses need to be careful about allowing their employees to use their own personal emails as backup email addresses, since a simple compromise of their personal email addresses may result in massive ransomware attacks on work-related network materials. What you can do to prevent this: Never use your personal email as a back-up for work-related networks. Always use your boss, or a trusted coworker’s work email as a backup email.
Where To Go From Here
Interlog USA is CT-PAT Certified and has been verified to have taken all necessary steps to avoid ransomware attacks. If you would like to learn more about how to avoid a ransomware attack, call our team and we’d be happy to help!