14

Ransomware has been an increasingly major threat for businesses over the last several years: while it’s often written specifically to target Windows computers, we’ve seen bugs designed to encrypt files anywhere that they’re writable including on Macs and even Android and Linux devices.

Now, a new strain known as PHP ransomware is causing problems. PHP is a programing language intended to help produce dynamically generated content on a web server, typically inside HTML pages. Many web servers utilize PHP, including content management systems such as WordPress.

PHP ransomware allows criminals to essentially hijack your blogs and modify files that are supposed to be protected. Hackers can also install a malicious payload on your website that triggers anytime someone visits your page potentially infecting them too!

This could seriously jeopardize your reputation and cause major issues for your operations – naturally, you’d like to avoid all of that.

So, what are your options?  In order of priority:

  1. Backup all of your website content offsite and offline – ransomware attacks online and onsite backups too!
  1. Choose a complex password (20+ characters) for your web server – and change it annually.
  1. Scan and patch your server regularly: Neoscope can help with this.
  1. Even better than 20 character passwords, use two-factor authentication. This can be done through SMS or running a special code-generating app on your phone.
  1. Review all of your access permissions for your server. For example, ensure the guest account can’t modify files and better still, remove all world write-able files.

Get in touch with Neoscope to learn more about the latest threats facing your operations including PHP ransomware – and how to stay protected. Contact our team of IT experts at info@neoscopeit.com or (603) 505-4902.