Page 80 - Cyber Warnings
P. 80
Data Backups should always be kept safe and offline, as you do not want to do be writing over
you’re backed up data with the ransomware data. In case you are already infected, consider a
recovery strategy that best suits the situation.
Anti-Virus software is important but also make sure you are running the latest anti-virus and
have the latest definitions applied. Further make sure your policies are configured correctly and
new devices installed on the network are also placed in the correct group so they are managed
correctly.
SILO. It is a good idea to cordon parts of your network off and install firewalls between each
area. This includes packet inspection and Intrusion detection systems and intrusion prevention
systems. Web filtering would also be recommended. This not only helps protects your vital
systems from attacks but can also prevent ransomware from spreading. Segregating your
network forms a barrier that filters legitimate and non-legitimate traffic to help prevent the
ransomware from spreading across the network.
What to do if I am attacked
If you have a valid offline backup, you may think it’s as easy as restoring the data. But this is not
the case when it comes to ransomware. You do not want to risk your backup also getting
infected. The most important step to take is to identify the ransomware. Then implement the
necessary steps to remove it from your systems. After doing so you can simply restore the
data. If you do not have a backup of the file(s) to restore, then your options are to either have
someone take a look at reversing the key to unlock the file or pay the ransom. It’s best to have a
look at your IT system sooner rather than later to avoid a situation like this. Meta Defence Labs
have a service where they provide a “no crack no fee” service. They will take a look at the file
for you to reverse engineer or provide consultancy to help clear an infected environment. Their
auditing services can also help provide a better idea on weak points in your network to harden
your environment.
About the Author
Harpreet Bassi. I have worked in IT and Information security for the past 14 years. During this
time I have experienced how companies cut corners with their IT budgets where security is not
always checked and tested enough. Together with some colleagues, we formed Meta Defence
Labs that offers affordable and reliable security and infrastructure solutions to our clients. At
Meta Defence Labs we provide customised and affordable cybersecurity and secure
infrastructure solutions to our clients.
Website: www.MetaDefenceLabs.com
Twitter: https://twitter.com/MetaDefenceLabs
Facebook: https://www.facebook.com/MetaDefenceLabs/
LinkedIn: https://www.linkedin.com/company/meta-defence-labs-ltd?trk=biz-companies-
cym"
80 Cyber Warnings E-Magazine – August 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
