Rensome / malware protection

What is the best way to protect an office (1-server ,7 computers)

from getting hit with rensome and other malware?

a device (firewall) that scans all incoming packets?

I'm looking for an automatic solution , I know there isn't 100% but close to that will be fine.
LVL 1
alonig1Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
Most of this comes via email and people opening emails from strangers.

The best defense for this is a really good Spam Filter.

Once opened you need top brand Anti Virus, but sometimes people clicking on strange email may still cause problems.

Train your users.
0
Erik i TuniNetwork AdministratorCommented:
John is right.

Also it's good to have Antivirus that has good web protection so that if someone opens a malicious link then it might get blocked.

Otherwise backup, backup and backup.
0
RaminTechnical AdvisorCommented:
Ransomware can get on your PC from nearly any source that any other malware (including viruses) can come from. This includes:

  • Visiting unsafe, suspicious, or fake websites.
  • Opening emails and email attachments from people you don’t know, or that you weren’t expecting.
  • Clicking on malicious or bad links in emails, Facebook, Twitter, and other social media posts, instant messenger chats, like Skype.

It can be very difficult to restore your PC after a ransomware attack – especially if it’s infected by encryption ransomware.
That’s why the best solution to ransomware is to be safe on the Internet and with emails and online chat:

  • Don’t click on a link on a webpage, in an email, or in a chat message unless you absolutely trust the page or sender.
  • If you’re ever unsure – don’t click it!
  • Often fake emails and webpages have bad spelling, or just look unusual. Look out for strange spellings of company names (like “PayePal” instead of “PayPal”) or unusual spaces, symbols, or punctuation (like “iTunesCustomer Service” instead of “iTunes Customer Service”).

Also as John mentioned above, you need a top brand Anti Virus on your systems.
0
Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

alonig1Author Commented:
I have trend Micro and it got it.

I need something on the level of packet filtering. so even someone is trying to open a file it will block.

The virus/malware rensome got through the trend micro which is installed on every workstation and server.

When I ran malwarebyts it found lots of spyware. so the trend micro isn't very efficient.
0
RaminTechnical AdvisorCommented:
Malwarebyts is very good but the most important thing is Backing UP the data on a regular basis.
0
JohnBusiness Consultant (Owner)Commented:
Packet filtering is pretty much ineffective against normal email which is what ransomware uses. Spam filtering is much more effective
0
masnrockCommented:
The answer is multifaceted, not just some super simple in a box solution.

Antivirus and antimalware software alone will not be the answer. The firewall will help, but you need to be sure to minimize the number of open ports. You also need to work on locking down the workstations, which can also work through mechanisms like GPO. Preventing systems from running executables from temp folders and the like. Additionally, you should look into transport and filtering rules for cutting off many phishing scams.

You should also be looking into creating an organizational security policy, which includes Acceptable Use. Also look into user awareness training. Other things include the use and implementation of offsite backups. There's a long list of things you should implement if you want a positive security posture.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rajul RajInformation Security OfficerCommented:
The best way to protect from these is

Proper user awareness training
0
McKnifeCommented:
Alonig1, with such a small crowd of computers, you should definitely look at application whitelisting:
https://technet.microsoft.com/en-us/library/hh831534(v=ws.11).aspx it stops viruses from being executed even when your virus scanner doesn't recognize it. If you have questions about the functionality, feel free to ask.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.