Ransomware: Get to no by just saying yes

Ransomware is the plague of these times. The bad guys have a money generation machine and they aren’t going to give it up any time soon. The Irish Times reported that 20 percent of businesses there have been hit with ransomware. I doubt that the percentage is any different in the United States; it’s just that we’re a bigger and therefore a more difficult market to count. There’s even a Ransomware-as-a-Service (RAAS) company out there, Cerber, and they are making almost a million a year in profit by only keeping 40 percent of the take from their subscribers. Overall the ransomware industry is pulling in a billion a year! So yeah, ransomware makes money and isn’t going away.

Vendors! Help me!

Windows 10 updatesVendors are jumping on the ransomware prevention bandwagon and research is coming out in droves. Since part of my responsibilities include preventing ransomware,  I read most of it. Recently, Cisco released its midyear security report on ransomware. It’s long but as is often the case there’s one thing that makes the reading worthwhile. When reviewing what’s happening on the client side of ransomware infection this one sentence in the report speaks volumes: “In Cisco researchers’ recent examination of the popular Nuclear exploit kit, for example, Flash accounted for 80 percent of successful exploit attempts.”

The Nuclear exploit kit is the most popular kit that writers of ransomware are using and 80 percent of it is exploiting flash? This is reason to sit up, take notice and implement a solution for this problem.

What to do? Just say yes to updates and patches

Adobe has been releasing patches for Flash at rapid-fire pace. JavaScript is similarly updated. The problem is that computers aren’t getting the updates. Vendors are holding up their end of the deal, but if the updates aren’t installed then ransomware wins. The bad guys get richer. Businesses suffer. People lose access to their data.

  • If you’re one of those “I don’t like change” people, then you’re part of the problem.
  • If an application offers automatic updating, say yes.
  • If your computer asks you to install updates, say yes.
  • If your computer operating system is old, it’s time for a new one.
  • If your browser version isn’t the latest one, then it’s time to upgrade.

Just say yes. When it comes to updating and upgrading, then the answer should never be no. The answer should always be yes. Saying yes is your best defense against ransomware.

What if you can’t say yes?

Occasionally, there may be legitimate reasons to say no to an update. Maybe you believe the update has problems. Perhaps, but these days very few updates are problematic. Most updates do what they say they will do and most of them work. You should bank on the side of “it works” rather than on the side of caution when it comes to patching.

Maybe you are worried the update or upgrade will have a conflict with other software that you are currently using. Yes, maybe it does. Often, the application that the security update has a conflict with will itself have an update to address that issue. Check with your application vendor, then say yes to the update.

Maybe that application doesn’t have an update. Well then you’re going to have to reduce functionality in order to protect yourself from ransomware. You will need to block the use of Flash, Java, Javascript, older browsers, and older versions of Microsoft Office. This can all be handled using Group Policy, local security policies or within the application itself.

Here are a few tips for turning features down on older versions of these applications.

Microsoft Office: In older versions, disable macros. In newer versions, disable all macros with notification.

Microsoft Office Macro settings

JavaScript: This is automatically updated in modern browsers. Internet Explorer, Chrome, and Edge all have this feature built in. If you must use an outdated browser version, you can find some good resources for how to prevent JavaScript from running here and here.

Flash: These updates are now included with Microsoft updates. So say yes to Microsoft’s updates and you’ll be covered for Flash too. If you like Chrome, then you’re also covered provided you are using the latest version. Javascript whitelistIf you are running an older browser version, say Internet Explorer 8, then you can block Flash and still whitelist the sites that you want to allow Flash to run on. Here’s a tutorial on how to do it.

A job for IT

Who is responsible for making sure that the computer network is secure, that computer operating systems are patched, that applications have the latest updates, that the applications in use in the company are the latest version, that there is a lifecycle plan? IT. Ransomware is a problem and IT best practices are the solution.

So if you want to get to no more ransomware, just say yes.

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top