Picture this: you are working on an important proposal at your company workstation when all of a sudden, your screen goes black. You receive a small, striking message on the top of your monitor,
“Your files are being held for ransom.”
What do you do? How can you fix it? Will your files ever be recovered? This is a small example of what can happen when you are not protected from ransomware.
Many organizations have recently been affected by an outbreak of a new ransomware variant, Wanna, which is known by a variety of aliases such as WannaC, WannaCryptor and, best of all, WannaCry. As a Sophos reseller, we want to provide you with the information that you need to protect your home and your business from these virulent attacks.
What is ransomware, and how do I protect my network from it?
Ransomware is a type of malicious software that holds true to its name. The ransomware will sporadically encrypt important files, documents and data and hold it hostage until a ransom is paid electronically. Programs such as InterceptX by Sophos serve a similar role as Liam Neeson from the Taken movies–they will find the ransomware, and they will kill the ransomware. Sophos InterceptX, Sophos Exploit Prevention (EXP), and Sophos Server Protection Advanced customers were protected proactively against Wanna ransomware from the first instance or outbreak that occured across many businesses at the beginning of May (see Wanna DecryptOr Outbreak).
On Friday, May 12th and Saturday, May 13th, Sophos was able to update their protection rules, and their endpoint software–Sophos Endpoint–now blocks every variant of Wanna from executing. This protection is crucial in protecting your business or organization from malicious software that could entirely halt business productivity.
How do I protect myself from Wanna and other ransomware?
This video demonstrates how Sophos products can help protect your network against Wanna ransomware.
We have compiled a list of three simplified, important steps that ANYONE can take to ensure that you are protected from all variants of Wanna.
1. Patch up your network.
Wanna ransomware exploits a Windows vulnerability in small or midsize businesses for which Microsoft released a patch in March. It is highly likely that new attacks will appear based on the leaked exploit and is therefore critical to patch this vulnerability at the first opportunity. In order to patch the vulnerabilities, it is imperative that you update all Windows environments as described in Microsoft Security Bulletin MS17-010.
2. Update your endpoint software.
Endpoint software is essentially software that adds extra protection to the entirety of your network. That can include other phones, laptops and desktops that are on the network and vulnerable to attacks. Once the endpoint software is updated and running according to the Microsoft Security Bulletin featured above, your network should be protected from ransomware.
3. Ensure you are running advanced ransomware protection such as InterceptX by Sophos.
With this advanced protection, InterceptX serves as a safeguard from any future attacks by intercepting spontaneous file encryption and then reversing the encryption before it causes any permanent damage to your files. Home users should consider signing up for the Sophos Home Premium, which adds protection from ransomware in your home and on your personal devices.
If you still have questions about how to protect yourself from ransomware, click on the following button! Sophos wrote a great, all-inclusive article on protecting from ransomware that is user-friendly and easy to understand. We hope that you will be able to use this information to protect and safeguard your company and your home.