While AWS has the highest security and protection levels possible their shared responsibility model means that you still need to protect whatever you put into the cloud.
Malware just keeps getting more vicious each year. Nowadays the gravest threat doesn’t just spy on you; it locks you out of your files and demands payment in exchange for the key. Welcome to the age of ransomware.
Ransomware comes in many insidious forms, the most infamous being CryptoWall and its variants. CryptoWall uses phishing tactics to evade security, disguising themselves as image files or ads to infiltrate your computer.
Once in, they can encrypt your files with modern cryptography techniques and hold them for ransom. They may even lock you out of your computer entirely–that is, unless you pay the hackers. Ransom amounts range upwards of $500, but the worst of it is that paying the ransom does not guarantee you will get your files back safely.
When you run an IT company that requires access to its data files or a hospital that needs its systems to save lives, you can imagine the tremendous damage these attacks can cause. One hospital in L.A. reportedly paid USD17,000 to hackers for the release of its files.
Stop Ransomware Cold
The key is to prevent it from getting its hooks into your system in the first place.
1 – Do not open suspicious emails or messages
Ignore and delete emails from unrecognised sources. Never click an attachment or link unless you can guarantee that it came from a reliable source. Nowadays, hackers have adapted their strategies to make their malware seem safe. They may pretend to be a person or institution you know and trust to get you to download their files or click their links.
The same goes for links and attachments that show up on your messaging applications, like Skype. While you may know the sender, their account may have already been hacked. Look for suspicious signs, such as subtle misspellings, or contact the person who sent it to you.
2 – Keep your OS and Anti-malware updated
Every server, workstation, mobile devices, applications, and especially your OS and antiviruses, must be kept up to date. This will minimise the chances of hackers exploiting a vulnerability in your system.
On that note, remember that ransomware does not target only Windows—Linux and iOS users are regularly victimised as well.
3 – Regularly Back up files
This practice can mean the difference between business as usual or caving in to a ransom demand. If you have diligently backed up to a separate physically hard drive and to the cloud, you can recover your data up to the point when you saved.
It is critical that you backup to an external drive, as the ransomware will most definitely corrupt backups in your local drive. This is what makes cloud backups so useful: they can be automated, they apply versioning, they encrypt your data, and finally, they store it outside of your system.
4 – Educate your staff
Take the time to educate your rank and file about phishing tactics such as fake ads and sites, the dangers of file sharing services, and other scams.
In the event you are caught unprepared by ransomware, it is advisable not to cave in to their demands. There is no guarantee you will get back control of your files. It may also mark you as a soft target, ready to cave in to future ransom demands.
Trend Micro have partnered with AWS to offer Deep Security across multiple aspects of the cloud.
Check out the video below for more information on Trend Micro or contact our security experts at PolarSeven for help to make sure that you have implemented security best practice within your environment.