First and foremost, if you need assistance thwarting off Ransomware or just securing your infrastructure, read my article as to Why you need an I.T. consultant (even if you think you don’t). In the case of your home system and files, you should be backing these up to. Click this link to read about my recommendations for the best consumer based backup software packages.
- Verify your system backups are running at 100%. With a possible Ransomware outbreak this is your only solution to restore files.
- Make sure you’re not running any Windows XP in the environment. Upgrade the systems and patch them up to date. According to Wikipedia, Windows XP is still close to 40% used worldwide. Read that here.
- As mentioned above, you are going want to make sure that you’re Windows systems are patch completely up-to-date. And you especially want to make sure that Microsoft update MS17-10 is installed on all Windows systems in the environment. This is the vulnerability that the Ransomware is taking advantage of. Whatever method you use to patch systems, get them patched now. Don’t run vulnerability scans to find systems that might be infected – simply patch them all!
Limit your servers and workstations from Internet connectivity. My practice is to block all Internet access from all my corporate servers, unless needed for some reason. And if it’s needed, I use application and URL filtering to specifically allow only the features it may need. Having exposure to the Internet is just not safe for such critical systems. Workstations should have limited Internet access as well. Most, if not all, corporate firewalls provided URL, application and category based Internet filtering. Less is more in the case for Internet access.
Have you been a victim of Ransomware? What is your experience and advice?