Keep your organisation safe – how to protect against Cryptolocker & other malware
Many of you will already be familiar with the Cryptolocker ransomware and new variants appear every few months.
Due to the complex encryption strategy utilised, malware of this type is nearly impossible to remediate once it has infected a computer. Antivirus software alone cannot break the encryption. The only way to unlock the files is by using the unique decryption key, so there is no way to retrieve the private decryption key without paying the ransom.
Myriad IT does not recommend paying anything at all, as it encourages them to do it again and again.
NextGen Firewall for Anti-virus gateway and web filtering.
Myriad IT use a vendor called Cyberoam, a NextGen firewall provider with Check Mark Level 5 certified gateway anti-virus which is tightly integrated with Intrusion Preventing System, Web Filtering and Anti-Spam. It secures organisations (including ours) against blended attacks and maintains high levels of security. Malicious traffic is blocked at the firewall level before it reaches the end user computer.
Anti-Spam for email filtering.
With e-mail being the most important method of communication for businesses it makes sense to implement an effective solution that protects this valuable means of communication. Myriad IT recommends the use of anti-spam to scan spam emails, which are often used as vectors for distributing ransomware.
SpamTitan provides the protection that every company needs against Spam, Viruses, Trojans, Malware and all other unwanted email content and threats. Myriad IT partners with SpamTitan to deliver a cloud hosted anti-spam solutions.
Network Access control.
Network administrators should set password protection and proper privilege settings for users accessing any critical shared drives. Some useful policies are:
- Block the opening of executables in temp;
- Block the modification of the VSS service;
- Block the opening of executables in temp+appdata;
- Blocking creation of startup entries.
Endpoint Protection with Journaling.
Myriad IT partner with Webroot, the market leader in cloud-based, real-time internet threat detection for consumers, businesses and enterprises to protect all the ways we connect online. A unique capability that sets Webroot SecureAnywhere apart from every other antivirus solution is the way unknown or ‘undetermined’ malware is handled, and the automatic remediation that is provided to ensure endpoint protection.
When a Webroot SecureAnywhere solution is installed on a machine, a CryptoLocker infection variant should be detected automatically before it can infect and make changes to the computer. Even if a new variant of the infection infiltrates a given system, SecureAnywhere technology includes automatic journaling to undo changes to a computer’s files.
Recognised as a leader in backup and recovery in Gartner’s Magic Quadrant for Enterprise Backup Software and Integrated Appliances, CommVault has redefined enterprise data protection, enhancing operations across all platforms and tiers, including heterogeneous disk, tape and cloud location.
It also reduces the cost and risk associated with protecting, recovering, discovering and accessing data at the edge on laptops and desktops while empowering mobile workers with self-service access to their data from virtually anywhere. It’s a great, modern solution that represents the future of data protection, all managed in a single platform.
If you have concerns about your organisation’s security, Myriad IT is here to help. Please feel free to contact us for a discussion.
Your partner in intelligent,
reliable business solutions
and technical support