Is Your Operating System Making You More Vulnerable To Ransomware?
AV Test’s 2020 Security Report revealed that more than 114 million new pieces of malicious programming have been developed over the last two years, with more than 78% targeting Windows systems. According to the CVE database, Microsoft has more than 660 “dangerous” security gaps, with 357 vulnerabilities being attributed to Windows 10. Infections on the Linux OS are much less common. Linux has a 2% share of the desktop OS market, while Windows is used by more than 73% of the market. Microsoft has captured a similar percentage of the global server market, with more than 72% market share. Windows is the prime mark for bad actors, while Linux is marginalized as a ransomware target.
Ransomware security has become a major concern for many enterprises running Windows servers. As a result, many organizations are transitioning away from malware-susceptible Windows backup software and implementing purpose-built, highly secure Linux-based appliances and software to ensure their data is safe from these security attacks. Cybercriminals aim for maximum impact so the more widely deployed Windows OS is the top target. Additionally, Linux systems are harder to compromise, because of their hierarchical architecture.
Unitrends understands the advantages of the Linux operating system and has the functionality to deploy a Linux virtual appliance for VMware, Hyper-V, Citrix and Nutanix, or as a purpose-built, turnkey Recovery Series hardware appliance. While Linux is seen as less attractive to cybercriminals due to low market share, additional hardening of the appliance’s kernel helps create a more secure system, and additional security measures can be implemented upon installation to limit the number of ports used by the appliance.
Ransomware has evolved to evade today’s top defense solutions, as 93% of IT service providers report attacks despite anti-virus/anti-malware software in place. Of the organizations that have a backup and disaster recovery solution in place, nearly 100 percent have been able to deal with and resolve ransomware intrusions.
While some of the anti-ransomware tools and antivirus-for-ransomware providers work diligently to uncover ransomware threats and defeat attacks, the fact is, with thousands of attacks daily, there are simply too many iterations for those programs to uncover all these threats. The constant evolution of variants makes trying to detect or prevent ransomware with Blacklists, Whitelists or Signatures futile. Software companies simply cannot keep pace with the multitude of threat deviations. Additionally, hackers are embedding their code into already whitelisted software, which slips past anti-virus detection software.
Testing Your Security
After an invasion, you need to turn to your backups to restore systems. To implement effective recovery from ransomware, you need both verified backup and disaster recovery. Recovery Assurance performs automatic testing to facilitate an assessment of the viability of your backup, and it can be used to detect ransomware components that may disrupt your ability to recover. DR testing is typically low on IT admins’ priority lists. In a recent survey on the state of disaster recovery, 52% of IT pros said that they test their DR plan once a year or less. Unitrends Recovery Assurance provides automated backup testing and verification. It is designed to ensure that your backup data can restore your system as planned. A component of that testing includes the ability to run a security check for ransomware. Your backups only have value if you can use them for recovery. For successful DR, your backups need to be fully functional and free of ransomware.
Security Through Education
Another ransomware security measure is employee education. Train co-workers on how to avoid phishing scams, spam, baiting, pretexting, malevolent websites, attachments from unknown senders, etc. Teach employees to be skeptical whenever they encounter a digital click request that is outside the realm of their normal office communications.
Phishing emails and spam are the most prevalent sources of ransomware downloads. More than 90% of malware is delivered via phishing attacks. Teach staff how social engineering works and how it can entice recipients to inadvertently download malware, and urge them to check the sender’s name and subject line of every email.
The most successful phishing attacks have been those with some hint of truth to them. The legitimacy of phishing emails is rarely questioned by distracted remote employees who have to juggle work and home duties. To make matters worse, attackers conceal their ruse by making it seem as if the emails were sent by a familiar source. Train employees to be suspicious of oddities in email from co-workers, and urge them to verify suspicious email attachments with the senders. Don’t let them give remote access to fake support teams; make sure employees know who to contact to resolve their IT woes.
Ensure employees know the people to call to get questionable activity checked out. Explain to them how to be cautious of sites with low-res files or awkward designs; they might be fake versions of the website they intended to visit. Be wary of click-bait headlines: it’s always better to type the URL of a legitimate site into the browser than to click through a link and get directed to a malicious site.
Modern anti-phishing solutions employ AI technology to analyze attributes of employee communication and establish profiles of trusted relationships, empower employees to defend with visual cues and actionable buttons, and provide automated feedback and workflow loops to make investigation and resolution seamless for IT teams.
We’ve identified five pillars of defense that, in combination, offer you the best anti-ransomware protection against malicious attacks.
Use backup! Follow the 3-2-1-1 rule: three copies of your data, 2 different types of media, 1 version stored off-site, and 1 copy that is immutable. It will provide an easy escape in the event you do get hit by ransomware.
Ransomware predominantly targets the more prevalent Windows OS. Consider a purpose-built appliance written in hardened Linux to prevent attacks and secure your backup architecture.
You cannot recover from ransomware without a good backup – and making sure a backup is recoverable is often taken for granted. Regularly test your backups for ransomware and other issues that could impact a successful recovery. It’s critical to make certain your files, settings, applications and structured data are available for instant and successful disaster recovery.
Early ransomware detection means less data loss and downtime. Some backup systems are more intelligent these days. They use predictive analytics and machine learning to look for anomalies and conditions typical of ransomware attacks, and alert administrators to abnormal fluctuations.
5. Instant Recovery
If you’ve effectively backed up your data and tested its recoverability you will be ready to roll back your network to a safe restore point and avoid downtime and revenue loss.
There are physical and behavioral aspects of protection that can help make your enterprise more secure in the fight against ransomware. Explore a host of ransomware security options to safeguard your network against attacks.