KTL SOLUTIONS

Preventing Ransomware in Dynamics GP

Share this post

What is malware?  This is an umbrella term used to refer to a variety of forms of intrusive software, including computer viruses, Worms, Trojan Horses, ransomware, spyware, adware, scareware, and other malicious programs.  It can take the form of executable codes, scripts, active content, and other software.  In this blog, I will  be using the term ransomware. I will go over how ransomware can overtake your Microsoft Dynamics GP files, blocking access to these files, and come with a list of instructions on how to unlock them.  Typically, the ransomware will stay encrypted/locked until you pay the sum of money to the hacker.  The worst part is that even by paying the ransom you are not guaranteed to get your files back.

What can ransomware do?

–    Prevent access to Windows

–    Encrypt your files

–    Prevent your applications from functioning

For the attacker, the easiest files to get a hold of are the most used files on your desktop.  The attackers are not interested in the information within the files.  They want user created content.  This includes office documents, PDF’s, Word, Excel, and text files.  A big indicator that your files are infected is that your logo will change, and the names of the files will be long unrecognizable characters.  As you navigate through the infected files, you will see a file labeled as instructions.  This is where you will find the instructions on getting your files back.

When you are assessing how to get your files back, you need to see how much damage has been done.  Usually, once you notice there has been a breach, it is too late to trace it back to the source.  By this time the hacker has already covered their tracks.  Once the ransomware has infected your computer, it has the ability to infect your entire network!

The Good Side

There are a few easy steps to take to avoid being infected by ransomware.  First, you will want to avoid opening attachments in emails from unknown senders.  Next, this may seem odd, but picking up a random USB drive and opening the files. You should never open any Word or Excel files in which you do not know the source to.  Ransomware is considered a Macro Virus, and that may sound familiar to you.  They were popular in the 90’s and early 2000’s. They went by names like, “The Worm” and “Trojan Horse.”  They are easy to prevent from infecting your computer if you have your settings configured correctly. You will want your Microsoft Office applications to always come up in “Read Only,” which will force you to physically push the enable content button to modify the data.

Most GP Users will share their GP Sub Folder to other users.  This contains your reports and forms.  If you are a User that is doing this, you will want to change your forms from a ‘WRITE’ format to a ‘READ’ format.  This may sound scary for a non-technical user, but it is something your IT help desk can easily help you with.  You will then want to make sure that these files are not in your GP Main Folder.  Furthermore, you will want to do the same with Excel reports.  You will then want to put them in a folder on your GP Server where Users can only access them in ‘READ’ only.  This prevents overwriting of default reports.  Even on SharePoint, although much less common to be hacked, you will want to encrypt these files as well.

Although there is no surefire way to prevent your files from being hacked by ransomware, taking these actions will greatly reduce your risk.  You need to make sure your team is fully aware of the risks and possibilities, and that you take action in preventing them.

 

Credits: 

https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx

“How Safe is Your Microsoft Dynamics GP?” by Beat Bucher, GPUG User Member

 


CHAD LESCHEFSKY | Account Manager

Chad Leschefsky is an Account Manager for KTL Solutions. Chad holds a Bachelor’s Degree in Business Administration Management from Shippensburg University. Before joining KTL Solutions, he interned and worked in the telecommunications industry, gaining knowledge on how to be a strong sales representative. Chad currently resides in Baltimore where he enjoys attending sporting events and many other city functions.

Related Posts

Checking Your CMMC Progress

Written by Alec Toloczko With Cybersecurity Maturity Model Certification (CMMC) requirements on the horizon, it’s crucial for organizations handling Controlled Unclassified Information (CUI) to adhere

Read More »