Ransomware protection is not something you want to take lightly.  It is a real threat to your practice.  At Tier3MD we focus heavily on protecting your network from ransomware and all types of malicious software.

What is Ransomware?

Ransomware Protection

Ransomware is a type of malicious software (malware) that criminals use to deny you access to your computers, devices, and / or data.  Infections usually begin with an email directing the recipient to follow a link or open an attachment.  Often spear-phishing emails are used to trick the user into believing the email request is legitimate and can be trusted.

Once the malware is loaded, it begins to run and starts attacking your data using your resources.  The programs search for data on the computer including other folders and systems you have access to across your network.  Once data is located, it is encrypted.  That means you are locked out from accessing that data unless you have the complex “key” or password required to open the encrypted data.

The criminals display a message on your computer screen once they have captured your data.  The message tells you that you have been locked out and the only way to get the key you need to access your information is to make a bitcoin payment to the criminal.  The payments are usually requested using bitcoins which is secured digital currency.  Ransomware can also be used for attacks on mobile devices.

There is usually a short deadline you must meet or they threaten that your data may be destroyed forever.  It may be 48 hours, 96 hours, etc. but it is never open ended.  They want to pressure you to act, not think.

How Tier3MD Can Help

Cryptoprevent.  There are some tools the help mitigate ransomware activity.  They are not guaranteed to work in all cases but they will help in many cases.  Tier3MD provides cryptoprevent to all customers as part of their managed service contracts at no additional charge.

Firewall.  In some cases, the controls in a Universal Threat Management (UTM) or firewall device can prevent exfiltration activity. They may also detect and block traffic to blacklisted web addresses that communicate with the ransomware malware.  Tier3MD will evaluate your existing firewall, and make sure it is up to standards in protecting your network.

Anti-virus/Anti-malware. This is another tool that Tier3MD provides to all customers as part of their managed service contracts.   We make sure you have a business class, up to date anti-virus and anti-malware solution running on any device possible.  While they aren’t able to detect the malware from a well executed ransomware attack, they can still detect other things.  If your device is infected with other malware it will be certain to have openings for ransomware, also.  Using a free solution is not recommended.  You should also make sure that both the software and it’s database stay up to date by checking for updates every day.

Security Patches.  Many cases of successful ransomware attacks could have been prevented if operating systems and applications had up to date security patches in place.  Vendors patch their software to prevent criminals from using some of the vulnerabilities that allow these programs to run in the first place.  Your systems should be scanned for updates regularly.  Of course, those updates should be installed immediately when identified. Tier3MD provides patch management (as required by HIPAA) to all managed service clients.

OpenDNS – Our solution fights ransomware by protecting all the places it is trying to get in.  We reduce the risk by using an architectural approach to strengthen defenses with detection, visibility and intelligence.  Tier3MD provides this service with a small additional monthly charge.