Ransomware is a form of malware that infects devices, networks, and data centres by locking the files until the user or organisation pay a ransom to have the system unlocked. In the recent past months, a number of companies were affected by ransomware “Locky”. This quickly grew to become the second largest family of ransomware in the world, just behind CryptoWall and ahead of TeslaCrypt. The United States, France and Japan are the top 3 countries infected by Locky, but the ransomware is also leaving its marks on the Asia Pacific region.
Today ransomware is targeting everyone be it MNC or SME or individuals. SMEs and individuals are especially at risk because they lack the knowledge and the expertise to protect themselves from such attack.
To mitigate the ransomware attacks, cyber-security protection such as firewall and anti-virus software are important ingredients in the fight against malicious malware. Surveys conducted shows that more than 90% of companies in Malaysia do not have a proper firewall in their networks and more than 50% do not have any antivirus installed. Malaysia is also one of the top 10 most vulnerable countries to cyber-attacks
Besides a good antivirus and an anti-ransomware application, we still need to have some good practises in place especially in a business environment.
|User Good Practises||Security Expert Practises|
|Install antivirus program||Install a good firewall together with good end-point protection software|
|Use strong passwords (at least 8 characters with mix of caps and non-caps, 1 or more number and 1 or more symbol)||Use a strong IT security policy for users as well as computers in your environment|
|Change passwords frequently (once every 3 months)||Use a 2 factor authentication service|
|Visit websites you know||Use a website filtering service|
|Do not open attachments you are unsure of||Use a remote cloud email server to scan your emails before downloading|
|Take a backup regularly||Have a good backup software that supports full backup with differential backup every hour|
The firewall and anti-virus mechanism is there to prevent/mitigate malware, however, there is no fail-proof mechanism to stop ransomware; the only successful method is to recover from your backup data.
Our point of view is, nothing beats having multiple version of backup as contigency. At least when the worst has arrived, we can still recover and limit our losses in the event of a disaster or a ransomware attack. Remember, this is 2017, where no one is safe from these advance threats.
Remember to have your backup done regularly and store your backup data outside of your office.