Keeping You Safe from Ransomware
Ransomware is currently on the upswing and impacting the Small and Medium Business (SMB) community in a big way.
The most common way an SMB will experience a ransomware (or any malware/hacking) compromise is through human curiosity. Staff are curious and tend to click on links in emails and open attachments in an effort to do their jobs. Add this to the increasingly sophisticated social engineering used by the bad guys and it’s more important than ever to ensure you and your organization are trained and protected.
Below is a short FAQ that you can share to increase the awareness of your staff. If you would like a more in-depth training, or would like CORE to deliver the message in one of your staff meetings, please contact your Account Manager.
What is Ransomware?
Microsoft defines ransomware as the generic term for any malicious software that prevents you from using your PC normally, and that asks you to do something before you can use your PC again. Ransomware can:
- Prevent you from accessing Windows
- Encrypt both local and network files so you can’t use them
- Stop certain apps from running (like your web browser)
Ransomware will demand that you pay money (a “ransom”) to get access to your PC or files. We have also seen them make you complete surveys. There is no guarantee that paying the fine or doing what the ransomware tells you will give you access to your PC or files again.
How Would My Organization Get Infected by Ransomware?
A typical method of infection is by phishing (using an email that looks as if it is from a legitimate organization but is not, and containing a link to a fake website that replicates the real one). Victims are duped into opening an unsolicited email attachment or clicking on a link claiming to come from the bank, a delivery company, or other reputable source. The most common emails look as if they are coming from UPS or FedEx, or look like invoices. The most common attachments are Zip files (.zip or .zipx) or word documents (.docx or .doc).
How Can I Stay Protected?
Don’t open any email attachments or click links from senders you don’t recognize or emails with attachments or links you are not expecting. Not sure if the email is legit or fake? Forward it to our service desk at firstname.lastname@example.org [mailto:email@example.com] and ask us to check it out. Examples of suspect emails include any email from a delivery service when you did not order anything to be delivered, or any email with unusual grammar, word choice, funny formatting, or anything else that seems “off”.
Always save files to your network drives that CORE regularly backs up (typically the S: or U: drives). Avoid saving files to your Desktop or My Documents folders as your environment may not have those locations under a backup plan. Not sure where you should save? Open a ticket with our service desk via firstname.lastname@example.org [mailto:email@example.com] or call us at (541) 858-4288 Option 1 and our technicians will answer all of your questions.
How Does CORE Protect Me?
By partnering with CORE, your organization is protected with our Security Suite; a group of hardware and software products that includes our SOPHOS and Fortinet firewalls, the CORE Windows Agent (including our Patch Manager and Security Manager), Spam Filter, and our backup appliance and monitoring services. Our Security Suite blocks the majority of malware but the bad guys are always working to crack our defenses so we and our security vendors are updating your protection regularly.
In the event your organization is compromised, CORE will provide peace of mind. We will analyze the full extent of the infection, work with you and your staff to identify the root of the infection, and implement a restore plan to bring you back to full functionally with as little downtime as possible.
With our Security Suite and your staff education, we together will hold the threats at bay. Remember, when in doubt, Don’t Click It! Submit a Ticket!
Once again, if you would like a more in-depth training, or would like CORE to deliver this message in one of your staff meetings, please contact your Account Manager. We also can conduct a mock phishing exercise for your organization, to determine how many would click it, not submit a ticket!