Rensome / malware protection

alonig1
alonig1 used Ask the Experts™
on
What is the best way to protect an office (1-server ,7 computers)

from getting hit with rensome and other malware?

a device (firewall) that scans all incoming packets?

I'm looking for an automatic solution , I know there isn't 100% but close to that will be fine.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Most of this comes via email and people opening emails from strangers.

The best defense for this is a really good Spam Filter.

Once opened you need top brand Anti Virus, but sometimes people clicking on strange email may still cause problems.

Train your users.
Erik i TuniNetwork Administrator

Commented:
John is right.

Also it's good to have Antivirus that has good web protection so that if someone opens a malicious link then it might get blocked.

Otherwise backup, backup and backup.
RaminTechnical Advisor
Commented:
Ransomware can get on your PC from nearly any source that any other malware (including viruses) can come from. This includes:

  • Visiting unsafe, suspicious, or fake websites.
  • Opening emails and email attachments from people you don’t know, or that you weren’t expecting.
  • Clicking on malicious or bad links in emails, Facebook, Twitter, and other social media posts, instant messenger chats, like Skype.

It can be very difficult to restore your PC after a ransomware attack – especially if it’s infected by encryption ransomware.
That’s why the best solution to ransomware is to be safe on the Internet and with emails and online chat:

  • Don’t click on a link on a webpage, in an email, or in a chat message unless you absolutely trust the page or sender.
  • If you’re ever unsure – don’t click it!
  • Often fake emails and webpages have bad spelling, or just look unusual. Look out for strange spellings of company names (like “PayePal” instead of “PayPal”) or unusual spaces, symbols, or punctuation (like “iTunesCustomer Service” instead of “iTunes Customer Service”).

Also as John mentioned above, you need a top brand Anti Virus on your systems.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
I have trend Micro and it got it.

I need something on the level of packet filtering. so even someone is trying to open a file it will block.

The virus/malware rensome got through the trend micro which is installed on every workstation and server.

When I ran malwarebyts it found lots of spyware. so the trend micro isn't very efficient.
RaminTechnical Advisor

Commented:
Malwarebyts is very good but the most important thing is Backing UP the data on a regular basis.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Packet filtering is pretty much ineffective against normal email which is what ransomware uses. Spam filtering is much more effective
Distinguished Expert 2018
Commented:
The answer is multifaceted, not just some super simple in a box solution.

Antivirus and antimalware software alone will not be the answer. The firewall will help, but you need to be sure to minimize the number of open ports. You also need to work on locking down the workstations, which can also work through mechanisms like GPO. Preventing systems from running executables from temp folders and the like. Additionally, you should look into transport and filtering rules for cutting off many phishing scams.

You should also be looking into creating an organizational security policy, which includes Acceptable Use. Also look into user awareness training. Other things include the use and implementation of offsite backups. There's a long list of things you should implement if you want a positive security posture.
Rajul RajInformation Security Officer

Commented:
The best way to protect from these is

Proper user awareness training
Distinguished Expert 2018

Commented:
Alonig1, with such a small crowd of computers, you should definitely look at application whitelisting:
https://technet.microsoft.com/en-us/library/hh831534(v=ws.11).aspx it stops viruses from being executed even when your virus scanner doesn't recognize it. If you have questions about the functionality, feel free to ask.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial