image What is Cybersecurity Threat Hunting and Incident Investigation & Why Do You Need It? image The End of Ransomware

9 Things You Can Do NOW to Stop Cybercrime

how to stop cybercrime9 Things You Can Do NOW to Stop Cybercrime

by cStor’s Digital Transformation Team

Our partner in crime-fighting, Sophos, takes a look at cybercrime and suggests nine tools every business can use now to safeguard against cyber attacks. We share them with you, here. Pass them on to your team. Stay strong.

Businesses large and small are under threat from increasingly aggressive computer viruses and brutal malicious ransomware attacks like Cryptolocker, Cryptowall, Locky, and others. Loss of access to important and crucial files, followed by a demand for payment can cause massive disruption to an organization’s productivity.

Looking at the technology and IT industry as a whole, there are endless facts and news stories to inform us that cybercrime, especially ransomware, is on the rise, and is also developing into more intelligent forms of the virus.

‘One cybersecurity firm estimates that extortive attacks now cost small and medium companies at least $75 billion in expenses and lost productivity each year.’ –

Taking the costs into consideration, companies can no longer sit back and hope everything is going to be okay – when that is the case, it’s always too late to act, the damage will be done and there’s no reversing or protecting a business after an attack. This can cost business’ thousands, if not millions, depending on the size of the firm and how demanding the hacker is.

‘Cyber-criminals collected $209 million in the first three months of 2016 by extorting businesses and institutions to unlock computer servers.’ –

Taking the seriousness of an attack into consideration, can any business really afford not to be protected? Importantly, are most employees aware of what ‘suspicious’ files look like? What exactly do we need to look out for when suspecting an attack? And what does a ransomware attack look like?

Staying secure against ransomware isn’t just about having the latest security solutions. Good IT security practices, including regular training for employees are essential components of every single security setup. Make sure you’re following these nine best practices:

1. Backup regularly and keep a recent backup copy off-line and off-site

There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.

2. Enable file extensions

The default Windows setting is to have file extensions disabled, meaning you have to rely on the file thumbnail to identify it. Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users, such as JavaScript.

3. Open JavaScript (.JS) files in Notepad

Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.

4. Don’t enable macros in document attachments received via email

Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of infections rely on persuading you to turn macros back on, so don’t do it!

5. Be cautious about unsolicited attachments

The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt leave it out.

6. Don’t give yourself more login power than you need

Don’t stay logged in as an administrator any longer than is strictly necessary and avoid browsing, opening documents or other regular work activities while you have administrator rights.

7. Consider installing the Microsoft Office viewers

These viewer applications let you see what documents look like without opening them in Word or Excel. In particular, the viewer software doesn’t support macros, so you can’t enable them by mistake!

8. Patch early, patch often

Malware that doesn’t come in via a document often relies on security bugs in popular applications, including Microsoft Office, your browser, Flash and more. The sooner you patch, the fewer holes there are to be exploited.

9. Stay up-to-date with new security features in your business applications

For example Office 2016 now includes a control called “Block macros from running in Office files from the internet”, which helps protect against external malicious content without stopping you using macros internally.

Contact cStor for a free evaluation of your cybersecurity vulnerabilities. Together, we can fight viruses, bugs, and malware that threaten a healthy datacenter.

Join us for our next security webinar on Wednesday, December 7: Defending Your Workloads Against the Next Zero-Day Attack. Register now!

cStor Digital Transformation Team
About cStor Digital Transformation Team
As the Director of Business Development, Walt is focused on business growth among cStor’s largest partners. He brings 30 years of experience in high-tech and IT business development. Westfall is charged with leveraging his expertise in IT, storage, digital transformation and cybersecurity to help clients understand where to go with their infrastructure and how to manage, share and protect their data to provide the most ROI. His technical and business acumen and management expertise stem from years of high-tech and IT business development. His leadership experience includes companies such as NetApp, EMC, WD McMillan Consulting and Sanas Technologies (an application aware data-management software startup business). Walt attended Eastern Washington University along with the Executive and Enterprise Leadership Education Program at Babson College.

Comments are closed.