Ransomware attacks are now common, disrupting business operations and costing thousands of dollars in losses. As an MSP, you can protect your business clients from ransomware by understanding the threat and by having the right technologies, policies, people, and processes in place to counter this insidious attack. Here are 10 best practices to consider for protecting yourself and your clients from ransomware.*

1. Understand the Threat: Crypto ransomware works by encrypting certain, sensitive files types and then forcing the victim to pay a ransom to gain access to a decryption key for the data. With nearly all types of crypto ransomware it’s virtually impossible to recover data without paying for the decryption key. Sometimes even paying the ransom won’t decrypt the files.

As an MSP, you need to ensure your infrastructure is adequately secured, and be able to explain to your customers why it’s essential they have the technologies and policies in place to protect themselves.

2. Educate Users: It takes one bad decision by a user to unleash a costly ransomware attack. Ransomware is often delivered as a Trojan, through malvertising, or through a phishing email. Prevention isn’t possible 100% of the time, but in many cases attacks can still be stopped if users are educated about what to look for.

3. Teach Users Not to Phish: The Webroot® 2016 Threat Brief showed that up to 50% of users will fall for a phishing attack in 2016. The key is to teach users to not open emails from unknown senders with attachments or links – and how to spot suspicious emails even when they look like they’re from known senders. Instruct users on spotting expressions or greetings the sender wouldn’t normally use as clues to something “phishy.” If all else fails, real-time anti-phishing protection can often block even zero-day phishing attacks.

4. Maintain Layers of Anti-Ransomware Technology: Reliable, cloud-based antimalware can prevent nearly all ransomware attacks, but it’s important to remember that new delivery vectors are being released constantly, so no endpoint security solution alone will offer you 100% protection. Additional security layers like firewalls, Windows OS policy restrictions, and having proper back-ups in place will all help to secure your environment.

5. Patching and Plug-Ins: Keeping applications like Adobe Reader, Java, and other plugins up to date greatly reduces security vulnerabilities and prevents browser and application vulnerabilities that may bypass your antimalware defenses. Ad and pop-up blockers also greatly reduce user error, stopping users from inadvertently clicking fake dialogs that download ransomware.

6. Use Windows Policies to Block VSS: Blocking access to Volume Shadow Copy Service will help stop ransomware like CryptoLocker from trying to erase file backups. By creating a blocking policy for the VSS Admin executable, any attempt to access or stop the service will result in the action being blocked.

7. Disable Windows Script Hosting: VBS scripts are used by malware authors either to cause disruption in an environment or to run a process that will download more advanced malware. You can disable them completely by disabling the Windows Script Host engine which is used by .VBS files to run. case of a ransomware attack, they might lose data on every mapped drive.

8. Filter .EXE Files in Email Servers: If your customers’ email gateways have the ability to filter files by extension, you should consider denying emails sent with .EXE files, or denying emails sent with files that have two file extensions, the last one being an executable (“*.*.EXE” files). This is a common threat vector for crypto ransomware.

9. Always Have a Back Up: Nothing is more effective at mitigating a crypto ransomware attack than being able to instantly restore data from business continuity backups. As an MSP, you cannot over- emphasize the importance of backups to customers, who sometimes fail to see the value. Remind clients that without a backup they might lose data on every mapped and even unmapped drive. Ransomware such as CryptoLocker can even encrypt networked drives. Having offline air gap or cloud back-ups with multiple copies of each file makes it virtually impossible for extortionists to infect backup data while offering benefits to clients.

10. Stay Current on Ransomware: It pays to keep up with ransomware developments. Some ransomware strains have been cracked, but these are limited successes. Ransomware, like all malware, will continue to evolve. As an MSP, you need to monitor this evolution: which strains are most dangerous and who is being targeted. The more informed you are, the better you can protect customers.

Even though this is written from a MSP perspective, it still details information that business owners need to know concerning the threat of Ransomware.

*Source: Webroot Inc.

If you would like to know more, please contact us at 1-800-871-9683 for a free consultation. Also, if you do not have online BDR (backup-disaster-recovery) and anti-virus/malware protection for your business, please give us a call to help you implement the latest systems. Our email address is: markhuffman@creativebusinesstechnologies.com

This year of 2018, please consider the newest technology options for your business. If it has been awhile since you upgraded your equipment or are not using the latest technologies, you could be missing out on increased productivity and profitability for your business that will definitely improve your bottom line.

The following is a partial list of options to choose from:

• Office 365: If you not using a cloud solution for your business, such as Office 365 for your Office Suite, you could be missing out on great technological options that will benefit your company in the long run.
• Managed Services: Your time as a business professional is usually very limited, since your main focus is doing your business and not dealing with IT. As IT experts, our job is to insure that your network servers, workstations, peripherals (printers, scanners, etc.) and software are operating normally and efficiently with minimal downtime. We make sure everything stays up running as it should.
• Microsoft Windows 10: If your company is still using computers that have Windows 7 or 8.1 operating systems, companies should upgrade to take advantage of the newest features that Microsoft has to offer. Please contact us if you need your operating system(s) upgraded.
• Virus/Malware Issues: Computer viruses and malware can cause havoc on your computers or even on your network servers. If you are experiencing “blue screens of death”, pop-ups, weird error messages, lock-ups, and any other strange behavior on your computer, please contact us right away because most likely it is infected.
• On-line BDR (Backup-Disaster-Recovery): If you are not currently using an on-line backup-disaster-recovery system, you could be putting your data at risk. Statistically, it has been proven that tape data backup on has a recovery rate of only 42% whereas on-line data recovery is 99%. Clearly, on-line BDR is the better way to go. If you would like to know more, please contact us for a free consultation.
• IT Security: Security for your servers, workstations and stand-alone computers is of the upmost importance. Having the right security measures in place is absolutely necessary, especially with the rise of Ransomware.
• Windows Server 2003: If your company is still running Windows Server 2003, you should make plans to upgrade your server as soon as possible to Windows Server 2012 R2 or 2016. The reason for doing so is that servers running Windows Server 2003 are vulnerable to hacking and virus/malware attacks.

As your company makes it’s plans and budgets for the year, please include the considerations listed above. If you need any help, feel free contact us with any questions that you may have. May 2018 be a very prosperous year for your business!

If you would like to know more, please contact us at 1-800-871-9683 for a free consultation. Also, if you do not have online BDR (backup-disaster-recovery) and anti-virus/malware protection for your business, please give us a call to help you implement the latest systems. Our email address is: markhuffman@creativebusinesstechnologies.com