Sometimes the stay at home orders can make you feel like a hostage in your own home (or office).  Don’t let Ransomware do the same to your computer!  Hackers will take advantage of any situation, and we are seeing this ring true for the pandemic.

First, what is ransomware?  Ransomware is a type of software intentionally designed to cause damage.  It typically threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. It holds your computer and data hostage.  Hackers get in with phishing schemes, often emails made to look like they are legitimate but that coerce the end user into providing sensitive data, like passwords. What are the best defenses against Ransomware? Educate, Adapt and Plan. 

Educate:

Now is a great time to refresh yourself and your employees on best practices.

1. Check the “from” email address. Does it match the sender, and is the domain a real domain?  Example: You receive an email from the CDC that reads “Urgent Message Regarding COVID Outbreak” the address is close, but instead of originating from cdc.gov, hackers created a similar email address, cdc-gov.org. A quick search of the domain, cdc-gov.org shows that this is not a legitimate domain.

2. Broken English and poor grammar.  While the US does produce a good amount of hackers, many are from non-english speaking countries. 

3. Hover over links.  If an email urges you to click a link and you hover over the link and the URL doesn’t match, don’t click it!

 4. Ask yourself if you are expecting the email. If it appears to be from someone you know, but just a little off, give them a call and ask them about it.  Bonus, if their email account has been compromised, you are helping them out as well.

Adapt:

1. Regularly back up your systems. In the event a hacker gains control, you will not need to pay the ransom for your data if you have it backed up. 

2. Institute a more thorough checking of embedded email links, including blocking uncategorized websites, using Microsoft Advanced Threat Protection (ATP) safelinks functionality or using a DNS filtering service. 

Plan:

 1. Review your ransomware incident policy and determine whether it needs to be updated in light of the pandemic. 

2. Talk to your IT support team to determine whether they will be able to travel to you and assist if needed.

3. Determine how you will replace affected equipment in your employees homes, if needed. 

Remember that Regala Consulting can assist you in creating a plan to keep your systems safe from hackers, both on and off your business premises.  We offer 24×7 emergency support services for when a mission critical outage strikes your business.