Avoiding Ransomware

Ransomware is a frequently reported topic, and it is possibly only a matter of time before a significant attack takes place and impacts a considerable number of people and businesses. Here are some behaviour changes to help protect yourself.

  • Email Threat Awareness – DO NOT open attachments or click on links unless you trust and can verify the source. Links to malicious websites and opening attached files can result in the installation of ransomware and encryption of data. Curiosity encrypted the cat!
  • Patch Management – Keep your operating system and software applications up to date. Software vendors are continuously updating their software to remove identified vulnerabilities. If your software is no longer supported or maintained by the vendor, consider using an alternative product.
  • Pirated Software – DO NOT download software from peer-to-peer file sharing sites; including avoiding licence key generators and other software cracks. Threat actors alter versions of legitimate software to deploy malware. Also, as pirated software is unlicensed, security patches and further updates will not be available, leaving exploitable vulnerabilities in place.
  • Anti-malware – Keep all malware removal and protection software up to date. If a website popup tells you that your system is infected, it is most likely Scareware, designed to manipulate you into buying software to fix a non-existent problem; which in turn can deliver malware to your computer. Use a trusted brand.
  • Software Clutter Clearing – Remove software packages from your computers along with any browser plugins that are no longer required

These behaviour changes will help reduce risk, but remember that security will never be 100% guaranteed.

Tactical Solutions

Improving IT security and implementing governance controls is a high priority concern for corporate decision-makers. With IT security requirements continually changing as new threats emerge, the implementation of a strategic solution which delivers results upon completion at an arbitrary point in the future is not always feasible when security threats exist in the here and now. Augmenting strategic delivery with tactical activity is a fundamental requirement often overlooked.

Several high-profile security breaches have been reported in the media and have been the cause of great concern, and rightly so.  But to what extent are assurance statements made to demonstrate corrective action which, in practice, have very little substance behind the words? For example, reporting that a consulting company is undertaking a review, will publish the findings, and agree on actions based on their recommendations. This pending review might offer some protection in the event of a data breach. You could respond with “we know about the problems, and the matter is under investigation to mitigate the risks”, however, this does little in the short‑term to protect corporate systems and more to protect against ignorance and negligence.

Defining a set of tactical activities to reduce exposure to risk in the here and now, combined with a strategic review to address risk in the long-term, will make a world of difference.