SandStorm IT

Power On

  • Services
    • Managed IT Services
    • Servers & Networks
    • Business Computers & Support
    • Cloud Services & Data Backup
    • Custom Software Development
    • VoIP Telephone Solutions
    • Custom Web Design
    • Disaster Recovery Solutions
    • Security & Compliance
    • IT Consulting
  • Technologies
  • Pricing
  • Work
  • About
    • Our History
    • Our Team
    • Careers
    • Press
  • Blog
  • Contact
    • (901) 475-0275
  • Help Me

RansomWare and What You Should Do Now!

May 15, 2017 By SandStorm IT

Several of SandStorm IT’s customers have asked what can be done about the current rash of ransomware virus infections, and, specifically the WannaCrypt, or commonly called the Wanna Cry virus.

 

What is “Wanna Cry”?

BREAK
WannaCrypt or “Wanna Cry” is a ransomware virus designed to make your data inaccessible and to then extort money, funds, or some form of payment from you to get access back to your data. Once WannaCrypt gets onto your computer, it encrypts all of your data and then shows a message telling you to send a bitcoin payment to get the data decrypted.
BREAK

I’ve got it, so now what?

BREAK
You may feel you have no choice but to trust the extortionists and pay the ransom, but…you may have another options.  If you have a good backup of the affected files, you can restore them.  If the infection occurred after the latest backup, that should get your data back.  Before restoring, though, you’ll want to eradicate your system of the existing virus.  You can run any of several virus cleaners to find and remove any known viruses on your computer.  If that doesn’t find and remove the WannaCrypt virus, you may need to reformat and re-install your operating system.
If you need any assistance with this, give SandStorm IT a call and we can dispatch one of our highly trained IT Techs to work with you on this.

 

How can I keep from getting infected?

BREAK
Prevention is always the best solution.  We recommend a tiered approach: gateway protection, end point protection, and backups.

 

Gateway Protection

BREAK
A strong firewall is essential to help protect the “gateway”, or perimeter, of your network. SandStorm IT recommends acquiring and implementing a SonicWALL firewall.  While the SonicWALL’s Gateway Antivirus, Intrusion Prevention, and Anti-Spyware go a long way in protecting your network, nothing can prevent all viruses 100% of the time.

 

End Point Protection

BREAK
Protecting the end points with a modern updated antivirus engine with the latest definitions is very important.  SandStorm IT recommends Symantec Endpoint Protection (SEP).

 

Another layer of protection could be achieved by installing Malwarebytes professional on every workstation to run along side Symantec Endpoint Protection.  In order to do so the workstations will need to have at least 8GB of RAM to not see a slowdown.

 

Most of the ransomware infections SandStorm IT has seen are isolated to single workstations, however the virus can encrypt files on shared folders that the workstation may have access to without actually infecting the server.  An infected workstation can easily encrypt files on shared folders making them inaccessible forcing a recovery from a backup.

 

Making sure all Microsoft and third party applications are patched and up to date is also important. Adobe Reader, Flash, Java, are all common programs that are targeted.

 

Backups

BREAK
Backing up data really is the best thing you can do to protect yourself. Make sure all critical data is backed up and that the retention policy is long enough to be able to identify an infection and recover before the backups are overwritten with virus/encrypted files.

 

Conclusions

BREAK
  • First, if you don’t have a recent backup, do that immediately!  Stop what you’re doing and backup all of your critical data.
  • Second, ensure all of your Windows Updates have been applied and that all of the software on your computer / workstation is up to date.
  • Third, make sure you have a current, commercial grade virus protection software.
  • Fourth, verify that you have a sufficient firewall on your network.

 

If you need any assistance, please give us a call at (901) 475-0275 and we can provide additional information  as well as a quote for getting your computing environment safer.

Related Posts

  • Ransomware - What To Do If You Are Infected
  • Ransomware - What To Do If You Are Infected
  • Are you still on a workgroup network?
  • Do I still need endpoint Malware protection?
  • What is a Firewall and Why do I need one?

Categories: Cybersecurity, Ransomware, Spyware/Malware/Viruses, Wired Networking

Subscribe to Our Newsletter

Check your inbox or spam folder now to confirm your subscription.

SANDSTORM IT BLOG

Featured
News
Press Releases
SandStorm News
Security Alerts & Vulnerabilities
Managed Services
Managed Anti-Virus/Anti-Malware
Managed Backups & Monitoring
Updates/Patches
Passwords
Cybersecurity
Spyware/Malware/Viruses
Social Engineering/Phishing
Ransomware
Data Breaches/Leaks
Other
Servers
Server & Server Hardware
Cloud/Serverless Computing
Server Operating Systems
Networking
Wired Networking
Wireless/Wi-Fi
Internet of Things (IoT)
5G & Mobile Networking
Business
General Business
Enterprise Resource Planning (ERP)
Voice & Telephony
Backups & Business Continuity
On-Site Backups
Cloud Backups
DR/BCM Planning & Consulting
Personal Computing
Tips/Tricks/Shortcuts
Troubleshooting
Hardware & Peripherals
Desktop Operating Systems
Software & Applications
Office Applications
Desktop Software
Email Software and Applications

Authors

Authors
Doyle Sanders
Jake Sanders
Jordan Sanders
Justin Oliver
Matt Ballard
Robert Cleveland
Cristian Colón
Jacob Ellis
Jeff Fowler
Miker Irick
Curtis Mayo
Josh Restuccio
Lindsey Sanders
Matthew Stafford
Josh Yarbrough

Give Us a Call

(901) 475-0275
61 Atoka-McLaughlin Dr.
Atoka, TN 38004

About SandStorm IT

SandStorm IT is a team of committed professionals who are dedicated and excited to solve your technology needs.  We accomplish this through understanding your business and then applying the appropriate technology solutions to meet the needs.

Our breadth of experience with information technology covers a range of diverse skill sets such as server setup and configuration, network and firewall solutions, VoIP telephone systems, web and database hosting, custom web application programming, mobile development, and IT security practices and policies.

SandStorm IT has the desire, expertise, and commitment to bring your vision to life.

  • Services
  • Technologies
  • Pricing
  • Work
  • About
  • Blog
  • Contact
  • Help Me
Authorized Solution Provider