
Ransomware: Get to no by just saying yes

Ransomware is the plague of these times. The bad guys have a money generation machine and they aren’t going to give it up any time soon. The Irish Times reported that 20 percent of businesses there have been hit with ransomware. I doubt that the percentage is any different in the United States; it’s just that we’re a bigger and therefore a more difficult market to count. There’s even a Ransomware-as-a-Service (RAAS) company out there, Cerber, and they are making almost a million a year in profit by only keeping 40 percent of the take from their subscribers. Overall the ransomware industry is pulling in a billion a year! So yeah, ransomware makes money and isn’t going away.

Vendors! Help me!

Vendors are jumping on the ransomware prevention bandwagon and research is coming out in droves. Since part of my responsibilities includes preventing ransomware, I read most of it. Recently, Cisco released its midyear security report on ransomware. It’s long but, as is often the case, there’s one thing that makes the reading worthwhile. When reviewing what’s happening on the client side of ransomware infection, this one sentence in the report speaks volumes: “In Cisco researchers’ recent examination of the popular Nuclear exploit kit, for example, Flash accounted for 80 percent of successful exploit attempts.”

The Nuclear exploit kit is the most popular kit that writers of ransomware are using and 80 percent of it is exploiting Flash? This is reason to sit up, take notice and implement a solution for this problem.

What to do? Just say yes to updates and patches

Adobe has been releasing patches for Flash at rapid-fire pace. JavaScript is similarly updated. The problem is that computers aren’t getting the updates. Vendors are holding up their end of the deal, but if the updates aren’t installed then ransomware wins. The bad guys get richer. Businesses suffer. People lose access to their data.

  • If you’re one of those “I don’t like change” people, then you’re part of the problem.
  • If an application offers automatic updating, say yes.
  • If your computer asks you to install updates, say yes.
  • If your computer operating system is old, it’s time for a new one.
  • If your browser version isn’t the latest one, then it’s time to upgrade.

Just say yes. When it comes to updating and upgrading, then the answer should never be no. The answer should always be yes. Saying yes is your best defense against ransomware.

What if you can’t say yes?

Occasionally, there may be legitimate reasons to say no to an update. Maybe you believe the update has problems. Perhaps, but these days very few updates are problematic. Most updates do what they say they will do and most of them work. You should bank on the side of “it works” rather than on the side of caution when it comes to patching.

Maybe you are worried the update or upgrade will have a conflict with other software that you are currently using. Yes, maybe it does. Often, the application that the security update has a conflict with will itself have an update to address that issue. Check with your application vendor, then say yes to the update.

Maybe that application doesn’t have an update. Well, then you’re going to have to reduce functionality in order to protect yourself from ransomware. You will need to block the use of Flash, Java, JavaScript, older browsers, and older versions of Microsoft Office. This can all be handled using Group Policy, local security policies or within the application itself.

Here are a few tips for turning features down on older versions of these applications.

Microsoft Office: In older versions, disable macros. In newer versions, disable all macros with notification.

JavaScript: This is automatically updated in modern browsers. Internet Explorer, Chrome, and Edge all have this feature built in. If you must use an outdated browser version, you can find some good resources for how to prevent JavaScript from running here and here.

Flash: These updates are now included with Microsoft updates. So say yes to Microsoft’s updates and you’ll be covered for Flash too. If you like Chrome, then you’re also covered provided you are using the latest version. If you are running an older browser version, say Internet Explorer 8, then you can block Flash and still whitelist the sites that you want to allow Flash to run on. Here’s a tutorial on how to do it.
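To check where a machine stands on the Microsoft Office tip above, the following added example (not part of the original article) reads the `VBAWarnings` registry value that holds the macro setting for each Office application and reports whether it is enforced by Group Policy. The function name, the list of Office versions and the OK/WARN/FAIL labels are assumptions made for this example.

```powershell
# Added example (not from the original article): report the Office macro setting per app.
# VBAWarnings values: 1 = enable all macros, 2 = disable all with notification,
# 3 = disable all except digitally signed, 4 = disable all without notification.
$meaning = @{
    1 = 'Enable all macros'
    2 = 'Disable all with notification'
    3 = 'Disable all except digitally signed macros'
    4 = 'Disable all without notification'
}
# Assumption: Office 2010 (14.0), 2013 (15.0) and 2016 or later (16.0); extend as needed.
$versions = '14.0', '15.0', '16.0'
$apps     = 'Word', 'Excel', 'PowerPoint'

function Get-OfficeMacroSetting {
    foreach ($version in $versions) {
        foreach ($app in $apps) {
            $appKey = "HKCU:\Software\Microsoft\Office\$version\$app"
            # Heuristic: the per-user key exists once this user has started the app.
            if (-not (Test-Path $appKey)) { continue }

            # Group Policy writes under Policies and overrides the user's Trust Center choice.
            $candidates = [ordered]@{
                'Group Policy' = "HKCU:\Software\Policies\Microsoft\Office\$version\$app\Security"
                'Trust Center' = "$appKey\Security"
            }
            $value  = $null
            $source = 'Not configured'
            foreach ($name in $candidates.Keys) {
                $prop = Get-ItemProperty -Path $candidates[$name] -Name VBAWarnings -ErrorAction SilentlyContinue
                if ($null -ne $prop) { $value = [int]$prop.VBAWarnings; $source = $name; break }
            }

            # Value 1 is the setting to eliminate; anything not set by policy can be changed by the user.
            $finding = if ($value -eq 1) { 'FAIL: all macros are enabled' } elseif ($source -ne 'Group Policy') { 'WARN: not enforced by Group Policy' } else { 'OK' }

            [pscustomobject]@{
                Version = $version
                App     = $app
                Source  = $source
                Setting = if ($null -ne $value) { $meaning[$value] } else { 'Application default' }
                Finding = $finding
            }
        }
    }
}

Get-OfficeMacroSetting | Format-Table -AutoSize
```

Run it in the context of the user being audited, since both registry paths are per-user (HKCU).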

A job for IT

Who is responsible for making sure that the computer network is secure, that computer operating systems are patched, that applications have the latest updates, that the applications in use in the company are the latest version, that there is a lifecycle plan? IT. Ransomware is a problem and IT best practices are the solution.

So if you want to get to no more ransomware, just say yes.

Amy Babinchak

I am the owner of three IT-related businesses: Harbor Computer Services, Third Tier and Sell My MSP, and have been working in the small and medium business IT field for more than 20 years. I'm a technical person with advanced skills in networking design, management and implementation. I value technology for what it does for people and the success it brings to business.
