How to Block Cryptowall
Posted by Third Tier on 14 January 2015 09:08 AM
Our friends at Calyptix Security have written several blog posts on the topic of file encrypting menaces, several of which reference our free Cryptolocker Prevention Kit. Now it’s our turn to share their knowledge. Read the blog post at Calyptix Security
Block – CryptoWall traffic is associated with IP 220.127.116.11/23. Block this IP range by adding it to your static blacklist.
Patch – Always maintain the latest versions of your firmware, antivirus, operating systems, and other systems. Routinely update as new patches become available.
Educate – Explain to users the dangers and warning signs of phishing emails and suspicious attachments.
Backup – Maintain backups of all important files both onsite and offsite. Test them often. Ensure they are configured to prevent backup of infected files. <added by Third Tier, Make sure that your backup storage location is not writable by anyone other than the account running the backup>
Plan – Assume disaster is inevitable. Plan how you will respond.
Configure – Adjust security settings to prevent forced downloads.
Control – Use web filtering to control the sites users can access. Use egress or outbound traffic filtering to prevent connections to malicious hosts.
Not a Third Tier customer yet? Let me introduce: We’re Third Tier. We provide advanced Third Tier support for IT Professionals and MicroStaffing for IT consulting firms. Come on over, create an account (no charge) and follow our social media locations.