Every day we are hearing about the cyber-attacks that led to a Russian influence campaign against our Presidential election, this is an ongoing reminder of how devastating these digital intrusions can be. At the same time, many businesses continue to be inundated with phishing attacks, viruses and digital theft, and just this week we have learned about another global ransomware attack.
As an information technology provider, we spend a lot of time and money on tools, processes and monitoring to avert cyber-attacks and protect our client’s systems from a wide range of threats. Our team often writes these columns, speaks to groups and communicates with clients on best practices, strategies and techniques that can go a long way to protecting digital systems. And still, the question I get asked to most is how can I protect myself or my business against cyber threats.
The answer to that question is very complex and is constantly changing as the criminals adapt the technology and techniques to keep ahead of the defensive tools and best practices, the latest cyber-attack is a good example.
Systems in countries around the world have been compromised by a new ransomware virus or a variant of the Petya malware, this software is particularly nasty as it infects the boot sector of your hard drive and can crash your system. It also has software code that enables the malware to spread across a network without human intervention, known as a “worm”, this capability is adding to the speed at which it can spread. The virus can also sit on an infected system and activate later, causing a delayed system crash and network reinfection.
Early indications are that this threat will not infect systems that have the latest patches to protect against a known vulnerability in Windows systems but it is not clear that this is true. Also, it seems that the email address used to initiate a ransom payment has been shut down, which is fine since the best practice is to not pay a ransom.
So, what can you do to prevent a malware attack or infection? The bad news is that there is no guaranteed solution, but you can increase your odds against getting attacked and you can take steps to limit the damage if you are hit by malware. Here are a few best practices.
• Update and patch your software and operating system as soon as you are notified that patches are available. All operating systems can be set to automatically patch and most web based software will also patch automatically.
• Backup your data and do it every day. Check the validity of your backups on a regular schedule. If you are hit with a ransomware type software this is the only way to recover your data.
• Use best practices when using email, file sharing and password management. This is critical as lapses in diligence in these areas are the cause of most infections. If you don’t know what these best practices are take the time to educate yourself and your organization.
• Deploy as many levels of security as you can. For clients with critical needs we typically implement a stack of threat detection, prevention, monitoring, management and scanning that most organizations won’t have access to without employing a system security provider.
Backups, vigilance and knowledge are your best defense against the digital bad guys. Don’t wait until it is too late.