If you think your anti-virus system will stop ransomware, think again!

Share

SeanThomasSean Thomas
CYBER SECURITY COLUMNIST

Email, computers, Wi-Fi, high-speed Internet and mobile phones are all necessities to survive in today’s digital world. Then, why is it we don’t consider proper cyber security measures a requirement?

I can hear you now: “But I have anti-virus installed on all of my computers!”

Great! But when was the last time you checked that it was up to date?  How does your choice of antivirus product rate and will it stop the latest and greatest ransomware virus?

I’ll bet the answer is probably not or most definitely not. It is a sad reality that no anti-virus product can keep up with the ever-evolving incarnations of viruses and ransomware.

Your store getting a virus isn’t a matter of if – these days it’s a matter of when and how much damage it will do.
If a newly hired sales person is the weak link it likely won’t do much damage. However, what if your controller is the one targeted? That’s way more serious.

Your store is different though, right? You’re protected and your employees would never open a suspicious attachment. But what about phishing scams that your AV won’t catch? Are you ready to handle those?

No longer are phishers simply sending poorly worded emails. These days, they are researching your dealership. They are checking LinkedIn to find out who is who. They are calling to figure out schedules and even visiting your store.

When they attack, they do it right and your employees likely won’t even be able to tell the email wasn’t from you.

While the odds of your controller transferring tens of thousands of dollars based on an email are slim to none, what about your sales staff? Will they reveal their code to your key control system? What about the password to edit your website? Maybe, they’ll drop off that car you asked them to.

Speaking of employees, are you protected against them? You know turnover in the automotive world is high. Do you know what information that employee is leaving with? Passwords? Codes? Keys?

What about your controller? What happens when they leave on bad terms?  They know enough to seriously hurt you.

Have I scared you, yet? In less than 30 minutes, I can penetrate your secure wireless network and steal yours and all of your employees’ passwords.

What about gaining remote access through social engineering and pilfering your network and all of your confidential files? Better hope you don’t have any passwords or credit card information saved on your computer, otherwise I’ll have that, too!

Solutions
With so many ways of getting at your information, what is a dealer principal to do to avoid this seemingly nightmarish situation?
First and foremost, a good IT solution provider is your best line of defence. Let me repeat that: A good IT solution provider. Not your parts manager or your nephew, and most definitely not a big-box store’s “nerd service.”

If you want to test your current provider, ask them how they intend to protect you from ransomware. If they answer, “with an antivirus product,” get a new one as soon as possible.

Now that you have a secure IT solution provider in place, let’s talk about the steps they’ll walk you through to avoid being a target. Before we begin, however, there is a caveat: to do this properly you should know you’re going to have to spend money to protect yourself and your dealership.

Understand, though, that the cost of these solutions pales in comparison to trying to repair the damage these attacks can do.

No matter what I’ve said previously, you need a good AV product installed and updated on all of your computer and servers. This will still stop the majority of the viruses and malware out there.

Just remember, it’s not a be-all and end-all solution; it’s only a layer. So what’s a good AV product?  BitDefender or Cylance are your best choices, followed by products like F-Secure and Trend Micro.

The gold standard for AV rankings is done by the AV-TEST Institute in Germany, which is a reliable third-party ranking of available products.
While your OEM might limit you in upgrades, as for example, Internet Explorer, Windows 10, you can always keep your Windows installation up to date with the latest Windows patches.

These patches will help mitigate the number of backdoors and security holes in Windows. Using a patch management server like Windows Server Update Services or an RMM, like CentraStage, is crucial to this. And, for your own sake, get rid of Windows XP already!

Email and Email Provider
This might not seem like an obvious protection measure, but it most definitely is. Ransomware attacks your computers, network and servers by encrypting and – in the newer versions – deleting your files.
Having your email hosted on a solution like Office 365 protects you by keeping your email on their servers, somewhere where ransomware cannot target. Additionally, services like this provide a number of layers of additional protection.

Email Security
Similar to your email provider, having a 3rd party security solution like Barracuda integrated into your email provider is critical. Barracuda scans each and every email that comes into and out of your dealership. Not only does it stop viruses that your antivirus product might miss, it can also prevent phishing attacks.

Backups
Like the real estate mantra of “location, location, location,” the IT world’s equivalent is “backup, backup, backup.”

No matter what a virus does to your files, if you have proper, up-to-date backups the damage is usually very minimal and can be mitigated quickly.
There is a caveat to running these backups, however: since ransomware likes to encrypt/delete the files on your computer and your network, you need to have it set up to “hide” the backups from the ransomware.

I cannot sing the praises of Altaro highly enough when it comes to backups, both with their server and workstation products.

Password Manager
How do you keep your passwords?  Sticky note on your computer? Text file on your desktop, perhaps?  Does your controller keep your banking passwords the same way? I sure hope not.

Password managers like RoboForm and LastPass allow you to create extremely complex passwords within their systems (secured and encrypted), so absolutely no one can find them.

Additionally, these tools will automatically fill in your passwords on websites and applications so you don’t have to remember each one. This allows you to grant your employees access to websites and applications as needed without having to expose passwords.

Just imagine a dealership where you are the sole keeper of all the critical passwords; turnover worries instantly become a thing of the past.

Wireless
As I mentioned before, it takes, on average, less than 30 minutes with some freely available software and very basic knowledge to crack a typical Wi-Fi security key.

After this, your internal network is completely open to this attacker.  Wireless is, and always will be, an insecure technology.  Your best bet is to completely separate it from your internal network, even for your employees, and make your security key 64+ characters of random letters, number and symbols.

While these solutions will help you protect your business, a good IT solution provider you can trust is the cornerstone to keeping you ahead of the curve.  Just like proper maintenance, on a vehicle your IT infrastructure needs regular tune-ups.

A part of these regular tune-ups should be taking time to actually sit down with your provider and review your infrastructure and security layers.
Another key is having proper practises and procedures for your dealership, by ensuring that employees only have the access they need and, then, when they leave, ensuring that access is revoked before they’ve left the lot.

Sean Thomas is the lead solutions architect focusing on security and new technology for A&R Solutions. A&R manages over 500 dealerships across Canada. For more information, contact Sean Thomas, sean@anrsolutions.ca, 866-310-8930 ext. 53.