10 Critical Steps to Survive a Ransomware Attack, Step 6: Restrict Access to File Shares (aka “Silo Your Data”) Most small firms we work with have a single file repository on their network, and every staff member has full access to it, and all of its contents. This means that anyone, from the CEO all […]
First off, if you did not request it, don’t open it. In the last two months, we’ve worked with three Vice President and higher executives who said exactly this: “I received an attachment from someone I didn’t know, and I wanted to see what it was.” Curiosity killed the cat… and the VP’s computer. The […]
A firewall is a type of security device that blocks network traffic to and from unauthorized sites, and allows traffic to authorized sites. Firewalls range from high end devices designed to protect the likes of Amazon and Facebook, down to SOHO (Small Office/Home Office) devices from Linksys. While there is a tremendous range of features […]
If you and your staff don’t need unfettered Internet access to do your job, don’t allow it. Period. Most of your employees do not need access to Facebook, Amazon, CNN, YouTube, and a majority of the websites they’re accessing every day. Every time you go online and access a website, you are increasing your exposure to […]
What are software patches? Patches are fixes for “bugs,” or flaws in programs. While some people still like to say “computers don’t make mistakes,” one must remember that computers are designed, built, and programmed by humans… and humans certainly make mistakes. Software patches are created when a problem is found, and the author of the […]
This is part 1 of a 10-part series of articles on protecting your business assets from ransomware. You can read the articles as a series of blog posts, or request a copy of the entire series in this free whitepaper: 10 Critical Steps to Survive a Ransomware Attack. Step 1: Drop Administrator Rights One of […]
We’re seeing a rash of ransomware sweeping across IT systems, ranging from large enterprises to microbusinesses with only a few PCs. As I am writing this, we are in the middle of responding to an incident where a business has been entirely shut down due to being infected with the Locky ransomware. The entire business has […]
The US-CERT (Computer Emergency Readiness Team) (a division of the Department of Homeland Security) recently published an advisory to immediately ditch Apple’s QuickTime product on Windows systems. They cited a blog post from Trend Micro, which noted that Apple has dropped security updates for the product on Windows, and that there are known security holes […]
Last week, WBUR’s On Point with Tom Ashbrook dedicated an episode to the topic of ransomware. The guests included ransomware victims, as well as a security professional who discussed the problem. Unfortunately, the expert occasionally used jargon that may be foreign without some context, but Tom did a decent job of getting definitions from him. […]
With all of the scams running around the Internet today, it’s easy to ask “what can we do?” Just last week I met with an employee of a company that had been completely shut down for a week due to ransomware (probably Locky, probably delivered by an email to an HR executive who had too […]