VSN web and CRM developer Oriol Egea provides key messages and tips for dealing with a threat as prevalent as malicious software.
A few days ago we have witnessed how a variant of the Petya malware, whose characteristics are very similar to the famous Wannacry virus, has attacked important companies and institutions all around the world.
It is a malicious software known as ransomware, a type of computer virus that, once installed on the victim’s computer, encrypts their files and requires a sum of money for the hostaged data being returned to its rightful owner -without a warranty that such data will be returned successfully after payment.
Nowadays, files and data stored on computers and servers are the most valuable asset of any company, and can lead to significant economic losses in the event that these files are misplaced, erased or leaked to third parties. This fact, coupled with the lack of knowledge, maintenance and updating of systems, creates the perfect scenario for ransomware to be installed, spread and affect the entire data infrastructure of large and small companies.
If we want to protect our data, we have to get clear which are the three weaknesses that this type of software exploits to propagate and ensure that we are protected against it:
1. Training of users and antivirus: The most common entry point of ransomware is the access through the computer of a regular user of the network. This person receives the virus through e-mail or other means and, believing it to be a legitimate document or software, installs it voluntarily on his computer, being the first to lose access to all his files.
The most direct way to solve this problem consists of two-step formula. First, train the users to make them aware of how malicious software often impersonates photographs and documents, and the importance of not opening executable files that come from unknown sources. Second, install antivirus systems whose function is to intercept downloads of malicious software and prevent the end user from running it.
2. Updating systems:The most advanced ransomware carry out propagation strategies to reach the rest of the computers on the network once the first infection is achieved without the intervention of any additional users.
To do this, they take advantage of security holes in the computer network and infect all the nodes vulnerable to these failures, thus ensuring a greater impact and pressure for the victim to pay the ransom of their files.
Given this situation, we must be aware that it is not advisable to pay, since nothing guarantees the return of the files once the payment has been made.
However, we can prevent the virus from spreading if we follow some recommendations. First, the most effective way to protect oneself is to keep our systems up to date, since the security flaws exploited by most ransomwares are publicly known and have security patches that correct them. Therefore, updating our software through official sources is the best option to ensure our security.
Second, in cases where we cannot guarantee the updates of a particular system, it is best to try to isolate the outdated node from the rest of the network and disable the use of obsolete and outdated protocols (such as SSL with respect to TLS, etc.).
3. Have a technical support service: Although applying all the tips described above is vital to ensure our systems, it is equally important to have a technical support team that knows the equipment that we work with daily.
VSN’s technical support service guarantees complete assistance in securing our systems and ensuring that the possibility of infection by ransomware and other computer viruses is minimal. In short, it is the ideal ally to secure VSN systems, due to their high knowledge of the technologies and infrastructures used.
This article has been writen by Oriol Egea, VSN’s web and CRM developer.
Oriol is a developer with extensive experience in intuitive, modern and scalable applications, and a passion for both software development and everything related to system administration and IT security.