As pledged last week, in our piece on cryptolockers, today we are running a code of best practice to guard against email-related cyber-attacks. The bulk of cyber-defence, in terms of software and server monitoring, is the responsibility of a business’ IT department or service provider.
However, there are measures that the individual employee can, and should, follow on a day-to-day basis to help protect their company’s data. These measures are not particularly arduous chores; rather, they are basic steps, applicable to employees of any level in any organisation. Many thanks to senior Viastak service engineers John Minnock, Joshua Rains and Micah Edwards for their contributions to this simple guide.
1. Don’t Know It? Don’t Read It
The single biggest cause of cryptolocker cyber-attacks, or indeed any other kind of virus, is human error. At a very basic level, if you receive an email or other form of electronic communiqué from an unfamiliar source, with an attachment that you do not recognise, an employee’s instinctive response should be to leave it unopened and refer it to a more technically-minded member of staff – either internally or with your company’s IT provider. Yes, this may seem common sense to you, but trust us, we wouldn’t say it if we didn’t know examples of it happening. Human instinct: still one of your most effective defences.
2. Show The File Extension
Fortunately, your device can help you out with the above. One way that the Cryptolocker virus is known to arrive in a victim’s email account is within a file with a PDF or EXE extension. This is because Microsoft’s default setting is to hide such extensions, meaning that the user has to click on it to identify its content. An unappealing state of affairs. You can avoid this problem by adjusting the settings of your email account, so that you may see the full file extension – thus making it far simpler to spot unknown or suspicious files.
3. Dastardly Disguises
Where the vast majority of businesses now have a website, they will also often have details of their personnel online that anyone can view. A common method of launching cyber-attacks is creating a new email account to impersonate a colleague. For example, the attacker might pretend to be the CEO under their name and an email address centred around it, and contact the company financial officer for bank details regarding a transfer. Users should hence closely monitor the email addresses being used by “colleagues”: a simple phone call or text to double-check a suspicious email is all that would suffice, to make a request credible.
4. Strip It Down
If you only wish to receive attachments that you know in advance are coming, it is possible to adjust settings to lock down certain extensions or strip out attachments from emails when they arrive in your inbox. They can subsequently be requested, if they come from a trusted source and in a scenario that you anticipated, if you wish to view them.
5. Time For An Upgrade?
More an operation for your IT department, if it is to be standardised throughout the company, but any employee is perfectly entitled to ask about the specifics of their current network security. Running outdated software will make your data more vulnerable to malicious intruders, especially when you consider that all security systems are built according to threats from the past in the first place. Many vendors will release software updates on a regular basis, and it is important to keep up with them. The potential for an email hack such as a cryptolocker will be far lower.
6. Emergency Disconnect
If you do find yourself accidentally clicking on a suspicious email attachment, don’t panic. The first thing that an individual can do to minimise, or even prevent, a negative impact is to disconnect from your internet connection – either through the icons in the bottom right of your screen or unplugging the cable itself. The cryptolocker takes time to encrypt all files and send you its virtual ransom note; by disconnecting, you may prevent it consuming all your data, like starving a flame of oxygen. This is an emergency measure that we would rather avoid needing to make, and we cannot guarantee that it will work. But it may be better than initially doing nothing.
7. Back Up! Back Up!
Windows has a feature called System Restore which will take your desktop back to the last-known clean state, in the event of any cyber-attacks. Sophisticated cryptolockers may be able to mitigate this, though, and delete shadow copies of your files. Nevertheless, it is crucial to back up all your data so it can be recovered, and the optimum way to do so is to store data in a virtualised cloud environment in the first place. The cloud desktop not only keeps shadow files, but records snapshots of your desktop every twenty-four hours, so that the server can be rebooted.
The above list gives some idea as to the awareness required of employees in the modern cyber-climate. Attempted cyber-attacks are unfortunately growing more and more common. Ultimately, however, by staying alert and being aware of basic security principles, any staff member can do their bit to help their IT staff and security software, and protect their network from the perpetrators of cyber-attacks.
Viastak work with official partners Amazon Web Services and Citrix to deliver secure cloud-based IT solutions, both in the UK and overseas. We have an exemplary track record in granting businesses the power to streamline their regular practices through the use of cutting-edge technology. To find out more, please get in touch.
Written by Oliver Kiddell
Oliver Kiddell, Author at Viastak Technologists.