There is a severe new variant of Dharma ransomware that encrypts all data on local and shared drives on your company’s network. It renders local backups useless.
The criminals behind the attack then ask for between $4,000 and $20,000 to decrypt your data. Sometimes they’ll ask for even more.
This ransomware has two primary vectors (ways that it can enter your network):
The first is via an email attachment. This is usually a Microsoft Word document (.doc or .docx) posing as an “invoice”. Once an employee opens the document, encryption of your network’s data begins.
The other is a new exploit to Windows Remote Desktop Protocol (RDP). At many businesses, RDP is used to get onto a work computer from outside the office.
Recommendations For Protecting Your Network
There are four ways to prevent this latest variant from costing your business dearly.
1. Train your employees to not open questionable emails
Some people are more susceptible than others to opening phishing emails. Let your employees know about specific types of emails such as the “invoice” email referenced above.
2. Secure any RDP connections
Require a VPN connection to access PC’s and servers behind your company’s firewall.
3. Set up nightly offsite backups of your data
This acts as an safeguard if there is a successful ransomware attack on your network. It will also protect your data from fire, computer theft, or any other catastrophic event at your location.
Offsite backups are not subject to attacks from within your network.
4. Ensure proper endpoint security
Up-to-date antivirus software is always at the front line in defending your business’s data security.
Free antivirus solutions do not offer full protection as they rely on user interaction to update the software. Many users just end up ignoring perceived “nag” messages not realizing the software is no longer updating or functioning.
Here is what proper endpoint security looks like:
If your business is based in the Greater Sacramento area, contact us to learn more.