Application Support

Computer Security Day 30 November

Local businesses need to protect themselves from Cyber Attack

Andy Hughes, IT specialist and Technical Director of Synergy Technology whose head office is based in Nateby near Garstang, offers key advice for SMEs to help protect your business from being affected by computer viruses and Cyber Attacks.

“With an 144% increase* in successful Cyber Attacks on businesses over the past 4 years and with 93% of Data protection breaches** caused by human error, it is critical that businesses stay vigilant to protect themselves against being crippled by a computer virus, Ransomware or Cyber Attack. It’s not just the large corporations that get targeted, everyone is at risk, and SMEs don’t always have the resources to recover as quickly as larger businesses.

It is also important to remember that in this day and age your IT system is the core of your business, be it large or small, and the shutting down of the system due to a security breach even for just for 24 hours can have a detrimental effect on your business.

Needless to say, businesses that do not regularly back up their servers and computer devices as well, may never fully recover from the damage done.
You should also have a Business Continuity plan in place, it is not a matter of if you will need to invoke it but when. At times recovery is quicker and more efficient if you use your Business Continuity service to recover the whole system or server. Time is of the essence and recovery using backups can be complex and very time consuming, especially if you are not fully aware of the damage caused by such an attack.”

“I have outlined below 8 key ways to help reduce the risk of a Cyber Attack on your business, and as other many IT specialist would agree, I also encourage businesses to strongly consider moving to managed hosted platform services to eliminate many of these risks to your business. We can support you to adopt to a hosted workspace and imporve the security of your system using our Citadel services. Contact Synergy Technology for more information”

8 Ways to avoid being crippled by Ransomware

1. Education – Train your staff regularly

It is critical that you educate your staff to identify suspicious emails and links and to delete or report them to the IT Department. They must know what to do and what is, or appears to be dangerous. The message must be constantly reinforced by the business. Most incidents are caused by employees either opening or bringing viruses or ransomware into the business.

2. Patch your Systems

Keep all IT systems patched and up to date at all times. This includes Operating Systems and applications. Do not limit this to servers, it must include end user devices.
There are ways to automate and manage this process, which make it easier to do and keep current.

3. Backup and backup again!

Make sure your backups are thorough and are run at regular intervals. It is imperative that backups are tested regularly to prove integrity. Remember – backups are your only way back in most cases!
Have a business continuity plan in place, speed of recovery is absolutely critical, don’t just rely on backups alone. If your whole system is affected, sometimes the only way back is to invoke your disaster recovery plan.

4. Protect your Servers

Anti Malware and Anti Ransomware must be installed on all servers and kept constantly up to date.
In addition to this System Administrators within your organisation should not give their normal user accounts extended privileges. Instead they should use a separate Administrator account whenever they need to perform tasks requiring administrator privilege. This means that if CryptoLocker (or any other malware) does manage to get in via the normal user email account, its reach is likely to be limited.

5. Protect your End User equipment

Anti Malware and Anti Ransomware must be installed on all end user devices and kept constantly up to date.
If it is possible to limit the areas in which executables are allowed to be run (such as via Group Policy), this will limit the damage caused by malware that attempts to run outside of the strictly controlled areas of the file system.
Be aware that an infection can reach a PC via other means, such as network shares, USB sticks, laptops taken out of the office environment.

6. Segmentation

Create separate functional areas with a firewall, e.g., the client and server networks, so systems and services can only be accessed if really necessary.
Containing threats is important when fighting against these challenges.

7. Macros, be aware!

A lot of ransomware is distributed in documents that trick users into enabling macros. It is advisable to limit the functionality of macros by preventing users from enabling them on documents downloaded from the internet.

8. Hidden file extensions

One way that ransomware frequently arrives into a business is in a file that is named with the extension “.PDF. or EXE”, counting on Window’s default behaviour of hiding known file-extensions.

If you re-enable the ability to see the full file-extension, it can be easier to spot suspicious files.

“As IT specialists Synergy Technology frequently receive enquiries regarding these threats and we offer advice to help prevent the damage that Cyber Attacks subsequently causing a business. I strongly suggest that businesses do not take it for granted and think they won’t be hit. You must make sure to follow good working practices to ensure the security of your information.

If you become infected or suspect you are infected, then disconnect your device from the network immediately, switch it off and call your IT department or IT adviser, by phone – not email!

If you act very quickly you might be able to stop communication with the server before it finishes encrypting your files. If you disconnect yourself from the network immediately, you might mitigate the damage. It takes some time to encrypt all your files, so you may be able to stop it before it succeeds in attacking them all. This technique is definitely not fool proof, and you might not be sufficiently lucky or be able to move more quickly than the ransomware, but disconnecting from the network may be better than simply sitting there and doing nothing!”

*Source CYREN’s 2015 Cyberthreat Yearbook