Why you need to be more concerned about email security - and what you can do about it.
Dental practices are under threat from increasingly aggressive and brutal ransomware attacks. Loss of access to critical files followed by a demand for payment can cause massive disruption to your productivity.
But what does a typical attack look like, and what security solutions give the best defense?
There are two main ways that a ransomware attack starts: via an email with a malicious attachment or by visiting a compromised website.
Today’s criminals are crafting emails that are indistinguishable from genuine ones. However, when the file is executed the ransomware is downloaded and installed onto your computer. It could be a JavaScript file disguised as a .txt file that’s the Trojan horse, but there are many other variations, such as a Word document with macros and shortcut (.lnk) files.
Another common way to get infected is by visiting a website that has been infected with an exploit kit. Exploit kits are black-market tools that criminals use to exploit known or unknown vulnerabilities (such as zero-day exploits). You may browse the hacked website, click on an innocent-looking link or hover over an ad - that’s enough to download the ransomware file and run it, often with no visible sign until after the damage is done.
Related reading: Are your emails safe?
Nine best security practices to apply now
Staying secure against ransomware isn’t just about having the latest security solutions. Good IT security practices are essential components of every single security setup. Make sure you’re following these nine best practices:
Patch early, patch often. Malware that doesn’t come in via a document often relies on security bugs in popular applications, including Microsoft Office, your browser, Flash and more. The sooner you patch, the fewer holes there are to be exploited.
Back up regularly and keep a recent backup copy offline and offsite. There are dozens of ways that files can suddenly vanish, such as fire, theft, a dropped laptop or even an accidental deletion. Encrypt your backup and you won’t have to worry about it falling into the wrong hands.
Enable file extensions. The default Windows setting is to have file extensions disabled, meaning you have to rely on the file thumbnail to identify it. Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users like JavaScript.
Open JavaScript (.JS) files in Notepad. Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.
Don’t enable macros in document attachments received via email. Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of infections rely on persuading you to turn macros back on, so don’t do it!
Be cautious about unsolicited attachments. The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt, leave it out.
Don’t give yourself more login power than you need. Don’t stay logged in as an administrator any longer than is strictly necessary and avoid browsing, opening documents or other regular work activities while you have administrator rights.
Stay up to date with new security features in your business applications. For example, Office 2016 now includes a control called “Block macros from running in Office files from the internet,” which helps protect against external malicious content without stopping you from using macros internally.
Patch early, patch often! Staying on top of patches is so important that I’ve included it twice. Don’t let ransomware exploit vulnerabilities that have patches available!