BY: Yinka Okeowo
ESET research and development (R&D) experts recently revealed through virus radar that ransomware attack still pose as major threat to organisations since the start of COVID-19 pandemic and requires strict pre-cautionary measures to stay safe.
Mode of propagation
Ransomware can be distributed in a wide variety of ways:
- These may include corrupted spam email attachments;
- Through the use of unsafe file downloads and
- Visiting unsolicited/unsafe websites.
Once the Ransomware is installed, according to ESET, it is designed to scan the victim’s device for the user-generated files, will then use a strong encryption algorithm to make the victim’s files inaccessible.
ESET protects you against ransomware.
The current versions of ESET products use multiple layers of technologies to protect computers from ransomware, it comes with a Ransomware shield and additional features such as Advanced Memory Scanner, ESET LiveGrid® Reputation System and Exploit Blocker.
Also, the latest ESET products provide an enhanced Botnet Protection module that blocks communication between ransomware and Command and Control (C&C) servers.
However, they have to be enabled and well configured with Tamper Protect for maximum security.
“In addition, we strongly recommend that you follow the tips below to ensure the highest level of security on your IT Infrastructure”, ESET said in the advisory message:
- Ensure that all Endpoints and servers have the ESET Protection installed and updated at all time.
- Make sure your ESET software is upgraded to the latest version and has the latest Virus Signature Database updates.
- Install all security updates for the OS and all applications that are installed.
- Restrict RDP only to users who really need it, restrict RDP to specific IP addresses / ranges on a firewall,securing RDP using VPN or 2FA, using a non-standard port.
- Enable detection of potentially unsafe applications (to detect and block tools that could kill ESET).
- Setting a password to protect ESET settings and to prevent it from being disabled or uninstalled by unauthorized persons.
- Avoid disabling default settings (some users disable protection modules or add dangerous exclusions without realizing the impact on security).
- Implementing ESET Dynamic Threat Defence (Cloud Sandbox Solution), for protection against Zero day threat..
- Back up crucial data on a regular basis to prevent data loss.
The cybersecurity company also reminded businesses that it only takes one unpatched computer to get inside the network.
“From there, the malware can take over administrator rights and spread to other computers”, the message concludes.