Why Backing Up Your Data Won’t Work
Let’s be honest, backing up your data is important. Maybe more so for some users than others, but important nonetheless. However, backups are not the golden ticket when it comes to restoring data after a malware attack. Although they could be useful in restoring your files after a malware attack occurs, such as ransomware; what happens when those backup files are also encrypted or disabled? So much for that golden ticket.
A new form of fileless ransomware, Sorebrect, will specifically stop the backup services for BackupExec from Veritas, and backup software from Acronis. Again, no golden ticket.
Are you protected?
What can users do to remain protected from malware threats? There are two major pieces users must understand with their security solution.
- Does it block fileless malware? This means the malware is executed through malicious scripting agents, such as CScript, WScript, PowerShell, etc. Is your antivirus solution protecting you from these threats?
- Also, does it use a blacklist or whitelist approach? Blacklisting security solutions treat unknown programs and files as safe and allows them to run, until they’ve been proven bad. Therefore, all new malware variants that haven’t been proven bad, will run on a PC that is using an antivirus that only uses a blacklist approach. Whitelisting treats all unknown programs as bad, meaning they will not run until they can be tested and proven safe.
It’s likely, your antivirus program is not preventing fileless malware. It could be integrating minor pieces of whitelisting, but is it using that as its primary method of malware detection?
Why Prevention is Key
Often times, prevention is set on the back burner. Users think, if they get infected, their security program will fix it. But that is not the case. The security program should prevent the malware in the first place. If it doesn’t, the end-users are the ones that suffer. When different forms of malware hit, remediation may not be possible. If users are infected with ransomware, and their backups are either outdated, encrypted, or nonexistent — they’ll either be forced to pay the ransom, hoping to get their files back; or, start from scratch. It should be noted, PC Matic does not suggest paying the ransom demand, as there are no guarantees users will get their files back after they pay the cyber criminals.
If you’ve checked your antivirus program and it does not protect you from fileless malware attacks, and is not using an application whitelist — it’s time to find a better solution.