Is it a Windows update or ransomware? Click here to find out! A new ransomware, labeled Big Head, is imitating Windows updates and tricking victims into thinking the prompt on their screen is legitimate, while it is infecting their device. Once infected, it starts to encrypt your data then holds it ransom in exchange for cryptocurrency. This report comes from The Hacker News. As we have written recently at Security Bytes, ransomware has evolved more recently. This particular attack follows along with that trend. Not only does it encrypt the data on your device, it will also steal your data and hold that ransom as well.
Ransomware here to stay
It appears here to stay, or so it seems. Cybercriminals are opportunistic and will continue to do what is successful. So until the day ransomware is either no longer successful or profitable, it will be sticking around. This means we need to continue to educate and raise awareness on the very real dangers of it. As we have written before, it is no longer good enough to just have quality backups. We must have tools in place to minimize the risks of the data being stolen as well.
Suggested tools
The tools can come in many forms, but at minimum all devices on your business network need a business or enterprise level antivirus or endpoint security software. This will help eliminate most known malware variants from being successful.
You will want an email security solution of some kind, whether a third-party solution you integrate into your provider or one directly from your email client. This will help provide additional security, especially when opening attachments or clicking links. These solutions can help ensure they are safe.
Next you will want a next gen firewall securing your business network. These firewalls will help monitor traffic on your network, prevent known malicious activity similar to how your antivirus does, and allows for full control of your network.
One more really useful tool to have is intrusion detection software. Oftentimes these can be part of the next gen firewall, but not always. So I want to call these out individually. What good are all these other tools if you can’t identify when a malicious file or activity has intruded your device or network. This tool will help identify these intrusions and make you aware you may have a problem.
- Business or Enterprise Antivirus/ Endpoint Security Software
- Email Security Solutions
- Next Gen Firewalls
- Intrusion Detection Software
It is important to remember, even if you have these tools, they need to be properly configured and monitored to really be helpful. It also only reduces your risk, does not eliminate your risk of falling victim. Cybersecurity requires multiple tools, policies, procedures, and so on in order to be the most effective. It is security in layers.
To learn more on ransomware and other cybersecurity threats, trends, and topics with a focus on small business, check out Small Business, Big Threat!