Unless you’ve been living under a rock you know several facts:
more and more networks are being attacked–successfully–by ransomware and other forms of malware, and
the problem is getting worse.
The miracle of networking means that everyone can now be attacked, and since a single ransomware package can be written and deployed across the Internet to lots of victims for the same low cost, no one is too small to be a target. We’re now seeing even small school systems getting ransomed.
Of course the cure is to turn off your network connections and make sure that all of your users never click on ANY attachment or link,even for seemingly legitimate purposes (see below). And also make sure that they never use a thumb drive. That, and do frequent backups of critical machines so that you can blow away any ransomed device and restore it from backup, as an alternative to paying the ransom to get your files back.
The unfortunate fact is that the hackers also tend to read the industry pubs and have learned that user slash-burn-restore from backup trick. Ransomware 2.0–now being installed on many machines–doesn’t detonate immediately. It sits dormant, so that it gets on all of the backups, and then it detonates. And hackers are proving even more adept at the social engineering required to make users click on those attachments (Bad Rabbit–the latest ransomware attack–was disguised as an Adobe Reader update).
What to do? Of course, continue with the policy of end user restrictions, so as to minimize the chance of infection. And also install a program that defeats a ransomware attack, even if it does manage to get installed on a workstation or server, and then detonate. We have managed to get a high-ticket, really effective and low-complexity program into the really low-cost range–as little as $1,000/month, or $26,000 total, installed, with support. The low pricing has moved it from a reactive purchase (after you get hacked and are casting about for ways to keep the pain from coming back) to a proactive purchase (to prevent you from being hacked in the first place). Installs in half a day, runs by itself, and doesn’t require a security expert to use effectively.
Of course, you can also buy it after your business gets disrupted and your management is spurring you come up with a prevention plan for the next time. If that has happened to you, contact us. We won’t tell.