In this video we detail the 5 steps your business should be taking to protect against ransomware.

For a more detailed blog post on these 5 steps please refer to this recent entry: Ransomware Protection Guide

Current list of ransomware variants:

aaa – extension
abc – extension
Aga
Alpha
AlphaCrypt/Locker
BadBlock
Bandarchor
BankAccountSummary
Bart
Bitcrypt
ccc – extension
Centurion_Legion
Cerber
Chimera
CrypAura
DedCryptor
DetoxCrypto
DirtyDecrypt
DMA
Dogspectus
ecc – extension
Ecovector
Educational (EDA2)
Educrypt
evil – extension
Fakben
Flocker
GhostCrypt
Harasom
Herbst
Hi Buddy
HydraCrypt
Jigsaw
JuicyLemon
KawaiiLocker
KimCilware
Koler
Kovter
Kozy.jozy
LeChiffre
Link
Linux
Locky
LowLevel04
Mahasaraswati
Maktub
Mischa
MM Locker
Nanolocker
Negozl
Nemucod
Odcodc
One1uno243@yandex.com
OphionLocker
PadCrypt
Payfornature
Payms
Payransom
Petya
RAA-SEP
Ranscam
Ransom32 (RaaS)
RansomCuck
RarVault
Samas
Samsam
Sanction
Satana
ScareMeNot
Teerac
TeslaCrypt
TorrentLocker
Toxcrypt
Troldesh
UltraDeCryptor
Unlock92 2.0
Vault
Vegclass
Veracrypt
Vipasana
Virus-encoder
Wildfire
Xorist
xort – extension
xtbl – extension
xyz – extension
Yakes
zCrypt
Zepto
zepto – extension
Zimbra
Zyklon
7ev3n
7h9r
777
8Lock8

 

Video Transcription:

Scott: Hi folks, Scott from IT rockstars. Welcome to the show. You’re probably wondering why I’m wearing the sunglasses, and I’ll get into that in a minute. First I have to play this intro to make it look as though we know what we’re doing here.

Ok, we’re back. Now, the reason for the sunglasses: I’m away to the sun next week and I’m going to tell you where I’m going, that will be a big surprise in the next video, but I’m protecting my eyes against the sun, and protection is the name of today’s vlog. It’s basically protecting your business against ransom. Now, I did a vlog post about this back in September. I personally knew of 6 businesses in Aberdeen since the start of the year that have been hit by ransomware, the cryptolocker virus. If you’re not sure what cryptolocker is, or ransomware, it’s basically a file that comes through in the form of an email. It will look like a genuine email or it will look like a PDF. You open up that PDF and, in the background, what’s happening is, the files, the virus is basically encrypting all the files on your computer, and if your computer is hooked to a network or a server, it will go off and encrypt all those files and you can’t get access to your documents (Excel, Word, photos), and it pops up and the ransomware says, “Hey, you don’t have access to your files. You have to pay us money,” and that’s the whole reason it’s called ransomware.

1:42 The first thing you can do to protect your systems, your organization, your company against this is raising awareness amongst staff. You can put out all the technical protection you can do, anti-virus software, all that type of stuff, but the main thing is actually raising awareness amongst staff about dodgy emails, basically. Now, they don’t always come through an email. The newer variants, this one called ZAP, one that I came across back in August, it was just a web page. It was just an advert on a web page that had the virus encrypted in it. But the main thing is communicate with your staff and say, “Hey, if you’re not sure about an email or a webpage, take the attachment of the email, ’cause it comes as the PDF, and email it to your IT provider and get them to check the file before you open it.” Now, they’ll be able to run it in a sandbox environment and they will be able to see if the file is genuine or not, so that’s the first thing.

2:33 The second thing that you can do, I’ve got 5 things here, so the second one we’ve got here on the blog post is server side protection and GPOs. I won’t go into details on this, but basically there’s a script that you can put on your server, if you have a server in your office or your organization, and it will basically block files from being run in certain locations. Now, the cryptolocker or the ransomware virus usually gets executed in a certain part of a computer, and what a group policy does is it blocks the running of that script. That’s the next better protection. Ask your IT provider if they have group policy objects in place against ransomware. That’s a big one and it can really help you and protect you.

3:17 The third thing is to make sure you’ve got a pretty decent spam filter. You’ll find that a spam filter not only will let you know, delete all the spam. It will also take, it will have a look at the files themselves that are coming through, and if it sees anything dodgy, it’s going to delete them or blacklist them, note. If you’re on 365, Office 365, you’ll already have a level of protection on there, but you can get a higher level of protection against spam and viruses, so yeah, check, make sure you’ve got a good spam filter.

3:48 Number four, now this is, I probably should’ve put this one first actually. Number four is to check your backup. Now, I’m hoping that you are backing up your data in your company. I’m assuming you are, and if you have an IT provider, they’re probably doing the backup for you. Usually the way it works with a backup, you will get an alert, a daily alert, to tell you if the backup’s completed or if it’s failed and why it’s failed. Now, what a lot of IT providers miss out, or a lot of IT people, is to actually check to see if you can actually restore from a backup, and that should really be done every couple of weeks to every month, and that’s to actually take the backup that you’ve got and actually see if you can restore a file from it. And the reason that’s number four on the list, I would actually say that’s the most important one, I should really put it at number one, is because if you do get a virus, the only way you can get out of it is basically by taking a backup and restoring from the backup. Otherwise all your files are encrypted, and you could pay the ransomware, but it’s not 100% that you’re going to get back your files if you pay the ransomware. So, make sure you’ve got a working backup that you can actually restore from.

4:57 The fifth one here and the final one, I’ve gotten a list, actually a much longer list, but the fifth I’ve got here is a System Vaccine. Now, I’ve got a link on my blog post to a vaccine page, and basically this vaccine is a big software and it will protect your systems against about 99.9% of all latest and ransomware viruses that are out there. As I said, there are probably another 10 items on this list, or another 5 items on this list, that you could be doing. If you want to know more information about how to protect your systems against ransomware, or maybe being hit by ransomware, but you’ve got to go and get a provider in there, and you know, maybe you want a second pair of eyeballs, I do have eyeballs by the way, then give me a call. The number for IT rockstars is 012-245-16055. The website is www.itrockstars.co.uk, and if you’re looking for the blog post with all these relevant links, just go to the website and look for this image here and you will get all the relevant information here, and I’ll see you at the next blog post in the sun. Alright. Thanks folks. Bye.