Simple ways to defend against Mac ransomware

Although a majority of ransomware attacks usually target Windows PCs, this doesn’t mean Mac users are completely safe. Ransomware attacks for Macs have occurred before, and are growing more widespread over time. So how can you prevent ransomware from infecting your Mac? We’ve compiled some helpful security tips for you.

What is Mac ransomware?

Ransomware is a type of malicious software that holds computer systems hostage until a ransom is paid in gift cards, or cryptocurrency like Bitcoin or Ethereum. It’s typically distributed using phishing emails, but it can also spread via unsecured networks.

When Macs are infected by ransomware, users won’t be able to access their data since it’s encrypted. Ransomware messages may also threaten to release the information to the public or destroy sensitive data if victims don’t pay within a certain deadline. Healthcare and finance organizations, in particular, are more likely to pay the ransom because these organizations tend to have a lot of valuable assets, including money, and can’t afford to lose access to their critical data.

Types of Mac ransomware

In 2016, the KeRanger ransomware was distributed through the popular BitTorrent app Transmission. KeRanger was signed with an authorized security certificate, allowing it to evade macOS’s built-in security measures and infect more than 7,000 Mac computers.

Patcher was another strain of Mac ransomware that was discovered in 2017. This type of ransomware disguised itself as a patching app for programs like Microsoft Office. When launched, Patcher would encrypt files in user directories and ask for a ransom paid in Bitcoin. But the ransomware was poorly built, so there was no way to retrieve the decryption key once the ransom was paid.

In 2019, the EvilQuest ransomware encrypted files and tried to trick users into paying a Bitcoin ransom. Much like Patcher, however, there was no feature to decrypt files after paying, leaving those who paid the ransom with nothing.

Ransomware attacks like these can make a resurgence at any time, which is why you need to be prepared in case of an attack.

An ounce of prevention goes a long way

Preventive measures are the best way to keep your Macs safe from ransomware. This involves updating your software regularly to defend against the latest threats and only installing programs from the official App Store.

Since ransomware initially infects computers using phishing emails, make sure to avoid suspicious links and email attachments. Always be on alert even if the email appears to come from a legitimate company or someone you know.

You must also maintain offline backups and have a disaster recovery plan to keep your business running in the off chance that ransomware successfully infiltrates your systems.

Responding to ransomware

If your Mac is infected with ransomware, do not pay the ransom fee, as there’s no guarantee that hackers will provide a decryption key and release your data even if you give in to their demands.

Instead, use an up-to-date anti-malware program to remove ransomware from your computer. Cybersecurity experts may also release free ransomware decryptor tools to remove the infection, so keep an eye out for these on the internet. If these programs and tools don’t work, contain the spread of the ransomware by disconnecting from the network and run data recovery procedures, provided you’ve backed up your data in an external hard drive or the cloud.

Mac ransomware attacks may not be common, but they still pose a great threat to your business. If you need more guidance, contact our team of security experts today. We stay abreast of the latest Mac security threats and know just how to keep your business safe.

This post was originally published on this site

Simple ways to defend against Mac ransomware

Although a majority of ransomware attacks usually target Windows PCs, this doesn’t mean Mac users are completely safe. Ransomware attacks for Macs have occurred before, and are growing more widespread over time. So how can you prevent ransomware from infecting your Mac? We’ve compiled some helpful security tips for you.

What is Mac ransomware?

Ransomware is a type of malicious software that holds computer systems hostage until a ransom is paid in gift cards, or cryptocurrency like Bitcoin or Ethereum. It’s typically distributed using phishing emails, but it can also spread via unsecured networks.

When Macs are infected by ransomware, users won’t be able to access their data since it’s encrypted. Ransomware messages may also threaten to release the information to the public or destroy sensitive data if victims don’t pay within a certain deadline. Healthcare and finance organizations, in particular, are more likely to pay the ransom because these organizations tend to have a lot of valuable assets, including money, and can’t afford to lose access to their critical data.

Types of Mac ransomware

In 2016, the KeRanger ransomware was distributed through the popular BitTorrent app Transmission. KeRanger was signed with an authorized security certificate, allowing it to evade macOS’s built-in security measures and infect more than 7,000 Mac computers.

Patcher was another strain of Mac ransomware that was discovered in 2017. This type of ransomware disguised itself as a patching app for programs like Microsoft Office. When launched, Patcher would encrypt files in user directories and ask for a ransom paid in Bitcoin. But the ransomware was poorly built, so there was no way to retrieve the decryption key once the ransom was paid.

In 2019, the EvilQuest ransomware encrypted files and tried to trick users into paying a Bitcoin ransom. Much like Patcher, however, there was no feature to decrypt files after paying, leaving those who paid the ransom with nothing.

Ransomware attacks like these can make a resurgence at any time, which is why you need to be prepared in case of an attack.

An ounce of prevention goes a long way

Preventive measures are the best way to keep your Macs safe from ransomware. This involves updating your software regularly to defend against the latest threats and only installing programs from the official App Store.

Since ransomware initially infects computers using phishing emails, make sure to avoid suspicious links and email attachments. Always be on alert even if the email appears to come from a legitimate company or someone you know.

You must also maintain offline backups and have a disaster recovery plan to keep your business running in the off chance that ransomware successfully infiltrates your systems.

Responding to ransomware

If your Mac is infected with ransomware, do not pay the ransom fee, as there’s no guarantee that hackers will provide a decryption key and release your data even if you give in to their demands.

Instead, use an up-to-date anti-malware program to remove ransomware from your computer. Cybersecurity experts may also release free ransomware decryptor tools to remove the infection, so keep an eye out for these on the internet. If these programs and tools don’t work, contain the spread of the ransomware by disconnecting from the network and run data recovery procedures, provided you’ve backed up your data in an external hard drive or the cloud.

Mac ransomware attacks may not be common, but they still pose a great threat to your business. If you need more guidance, contact our team of security experts today. We stay abreast of the latest Mac security threats and know just how to keep your business safe.

This post was originally published on this site

Why business continuity plans fail

Even the best managed IT services provider (MSP) can overlook certain business continuity plan (BCP) details. This is why businesses should always be on the lookout for the following pitfalls of BCP to ensure that the plan works as it should.

Over-optimistic testing

The initial testing attempt is usually the most important, because it’s when MSPs can pinpoint potential pain points in the recovery plan. However, they usually test the system in full, instead of in phases. This can cause MSPs to overlook specific points, with too many factors overwhelming them all at the same time.

Insufficient remote user licenses

MSPs give remote user licenses to businesses so that employees can access a remote desktop software when they need to, like when a disaster strikes. However, a provider may only have a limited number of licenses. In some cases, more employees will need access to the remote desktop software than a provider’s license can allow.

Lost digital IDs

When a disaster strikes, employees will usually need their digital IDs so they can log in to the MSP’s remote system while the office system is being restored. However, digital IDs are not automatically saved when a desktop is backed up. So when an employee uses their “ready and restored” desktop, they are unable to access the system with their previous digital ID.

Absence of a communications strategy

MSPs often use email to notify and communicate with business owners and their employees when a disaster happens. However, this form of communication may not always be reliable in certain cases, such as during spam intrusions.

Instead, you can use emergency communication applications such as AlertMedia or Everbridge. These programs automate necessary actions such as sending out mass notifications, sharing information, and mobilizing teams to prevent operational disruptions, so your MSP can easily notify you in case of any disaster.

Backups that require labored validation

After a system has been restored, IT technicians and business owners need to check whether the restoration is thorough and complete. This becomes an arduous task when the log reports are not easy to compare. This usually happens when MSPs utilize backup applications that don’t come with their own log modules and have to be acquired separately.

These are just some reasons why business continuity plans fail. While you should trust that your MSPs will secure your systems, it is important for business owners to be involved with any process that pertains to your IT infrastructure. Just because you believe something works doesn’t necessarily mean that it actually does. If you have questions regarding your business continuity plan, get in touch with our experts today.

This post was originally published on this site