![]() Protecting Your Small Business From Wanna. Cry - May 1. 2, 2. Wanna. Cry. Typically ransomware spreads via email as spam and phishing attacks, and relies on human intervention to initiate the infection. The Best; AVG Ultimate; Protection; AVG AntiVirus FREE; AVG Internet Security; Performance; AVG TuneUp; AVG Driver Updater; Privacy; AVG Secure VPN NEW; HMA!![]() ![]() However, Wanna. Cry is different in that it combines ransomware with a recently published vulnerability that was stolen from the NSA by The Shadow Brokers crime organization which means that the Wanna. Cry ransomware is able to infect and spread without any human intervention. In a matter of hours, Wanna. Cry spread to Internet- connected computers in more than 1. Welcome to the VA Office of Small And Disadvantaged Business Utilization (OSDBU). Internet. As a small business owner, you may think you have nothing to worry about since all the media coverage has highlighting large companies like Fed. Ex, Telefonica and National Health Service (NHS). Unfortunately, this threat, like many others, doesn’t discriminate based on company size and you need to worry just as much as every other organization out there if you are connected to the Internet. So what can you do to protect yourself? Before I dive in to that, here are a few key things to remember: Wanna. Cry only infects Windows devices, it cannot infect Mac, i. OS, or Android devices. Wanna. Cry only works on versions of Windows prior to Windows 1. Windows Server 2. Which means Windows XP, Vista, 7, 8, 8. Microsoft has already released patches for vulnerable versions, including Windows XP and Windows 2. ![]() ![]() Wanna. Cry only spreads via the network currently, not through email. This could change in the future, as we expect it to as the threat continues to evolve. Protecting Yourself and Your Business. There are a number of things you should be doing to protect your business against Wanna. Cry and many other threats.
![]() If you don’t have the skills, there are many Value Added Resellers (VAR) and Managed Service Providers (MSPs) available in your area that have the expertise to assist. Firewall. Every network connected to the Internet should have a firewall in place. This is a first line of defense that separates your organization from the wild west that is the Internet. Fortunately, firewalls are inexpensive, effective and widely available. It’s likely that your cable/dsl modem you received from your Internet service provider (ISP) has built- in firewall functionality already. What should you check? Make sure you have a firewall installed. Make sure you are blocking inbound connections on ports 1. Wanna. Cry spreads and enters your network. Make sure you are blocking all inbound ports that aren’t absolutely necessary. You may have to allow certain ports if you host your own email server, or some other type of server or application in your environment that needs to be accessible from outside the office. Endpoint Protection. Every device on your network should have some type of protection in place, ideally a centrally managed solution purpose- built for small businesses. That way you can ensure that all your devices are protected in a consistent manner. What should you check? Make sure you have an endpoint security product installed on every Windows, Mac, i. OS, and Android device that connects to your network. Make sure your endpoint security product is not expired and has all the latest updates. Check with your endpoint security vendor and make sure you are following all the best practice configurations to maximize protection. If you are a Trend Micro Worry- Free customer, best practice configurations are available here. Patching. All software needs updating from time to time to fix bugs that may have gone unnoticed when the software was initially released or add enhancements to the products. It’s critical that you keep all your systems up to date with the latest patches, as often times these patches include security updates. What should you check? Make sure all of your devices are up to date with the latest patches. Make sure you have automatic patching enabled. This can be done in a number of ways including centrally through Active Directory Group Policy, individually on each computer, or with a third party patching tool. Information on how to setup automatic updates on Windows XP, Vista, 7, 8 and 8. If you have Windows XP, Windows 8 or Windows 2. Wanna. Cry installed. Those patches are available from Microsoft. Backups. As a general rule, you should always be backing up your data. You never know when a system will crash, a building will burn down, or a disgruntled employee will intentionally destroy data to harm you and your business. In addition to all of those concerns, you now have to worry about Ransomware finding and encrypting all your data, rendering it inaccessible. Fortunately, a good backup plan (a 3- 2- 1 strategy is the generally accepted best practice) can help prevent or mitigate many of these potential risks. What should you check? Make sure you have a backup solution in place. There are many solutions available on the market for backing up physical and virtual machines, so you have no excuse not to have a backup solution in place. Make sure your backups are actually working. Often times backups stop working due to lack of space (disk or tape has run out of space), program errors, or misconfigurations. Double- check that everything is working properly and your backups are current. Make sure you test restore one of your backups to make sure the data isn’t corrupt. There’s nothing worse than suffering an incident that necessitates needing to restore from backup, only to find out your backup tapes/disks are empty or corrupt. You should occasionally spot check your backups and make sure they are working properly and can be restored when needed. For more detailed information on Wanna. Cry, or how you can protect yourself with Trend Micro solutions, please visit our information page for the latest updates. Archived Information. Week Radio. Join us for a roundup of the top stories on Information. Week. com for the week of November 6, 2. We'll be talking with the Information. Week. com editors and correspondents who brought you the top stories of the week to get the.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
November 2017
Categories |