Business system anti-virus

What is blackmail virus Blackmail virus is not a virus , It's a general term for a class of viruses , Mainly by mail 、 Program 、 Trojan horse 、 Web page hanging horse in the form of communication , Various encryption algorithms are used to encrypt files , Infected people are usually unable to decrypt , You have to get the decrypted Private key It is possible to crack . The earliest known ransomware appeared in 1989 year , be known as “ AIDS information Trojan ”（Trojan/DOS.AidsInfo, Also known as “PC Cyborg Trojan horse ”）, The author is Joseph Popp. Early extortion viruses were mainly through phishing mail , Hang a horse , Social network communication , Payment of ransom by transfer, etc , Its attack scope and continuous attack ability are relatively limited , Relatively easy to trace .2006 Years of Redplus Blackmail （Trojan/Win32.Pluder）, It is the first blackmail software in China .2013 From the second half of the year , It was a time when the modern extortion virus took shape . Blackmail virus use AES and RSA Encrypt specific file types , Make cracking almost impossible . At the same time, users are required to pay in virtual currency , In case the transaction process is tracked . Typical extortion viruses in this period include CryptoLocker,CTBLocker etc. . since 2016 Year begins ,WannaCry Blackmail worm outbreak , And the purpose is not to extort money , But to create massive destruction that affects the world . It's dramatic , At this stage , Blackmail virus has been industrialized 、 Family based continuous operation state .

​

​

Edit switch to center

Add picture comments , No more than 140 word （ Optional ）

Industry demand ：

Many enterprise servers , In particular, the business system server is relatively fragile , Even with anti-virus software 、 Deployed firewalls 、 And patch regularly , Still

However, there will be various risks of intrusion and tampering , Even blackmail virus .

Solution ：

（3） King's rank In the topic of how to prevent blackmail virus , To sum up, people's conventional defensive thinking . Although there's nothing wrong , But it looks like “ Lay down and die ”, Passively beaten . But there's nothing wrong with it , After all, it's a habitual thinking to see a move and break it down . The right anti extortion virus means , It must be constant in response to changes . Take a chestnut ：

​

edit

Add picture comments , No more than 140 word （ Optional ）

The farmer keeps a flock of sheep , Glossy hair , are plump and sturdy , Very good looking , The farmer was very pleased . One day the farmer found a few sheep missing , Also found traces of wolves , Then I realized that a wolf stole a sheep . The farmer followed the trail of the wolf , Set traps , Day and night supervision , Both body and mind are tired , But I still didn't catch the wolf , The number of sheep is decreasing . Last , The farmer replaced the thatched sheepfold with a marble sheepfold , There are no fewer sheep , Farmers no longer have to look for wolves .

​

edit

Add picture comments , No more than 140 word （ Optional ）

The concept of host reinforcement is like this . So how to prevent blackmail virus , The idea of host reinforcement is a good strategy . The core points of host reinforcement ： 1、 System reinforcement Lock the debugged system , Become a trusted system . In a trusted system , Illegal procedure 、 Scripts can't run . And it will not affect data access . Even if the system has vulnerabilities , Even administrator privileges are lost , This trusted system is secure . 2、 Program reinforcement The executable program is signed by trusted signature 、 Start the script in real time hash value check , Verification failed Refuse to start , And trusted programs cannot be disguised . 3、 Document reinforcement Protect files of the specified type from tampering . 4、 Disk encryption Create a safe sandbox , The sandbox is isolated from the outside , Encrypt the data in the sandbox , Ensure that the data can only be used on the premise of effective authorization management Next , To be decrypted . If there is no authorization , Even administrators cannot copy and use this data , Even system cloning does not work . 5、 Database hardening first floor ： Database files are forbidden to be accessed and tampered with by unfamiliar programs . Ensure database file level security . The second floor ： Database port access trusted filtering , Only business programs are allowed to connect to the database port , In company Followed by string IP+ port + In the account password , Append process identification . The third level ： Database connection SQL Intelligent filtering of text , Prevent critical data from being retrieved and accessed , Prevent database Illegal access to internal data , Prevent dangerous operations of database forms . Many problems can be easily solved by changing one way of thinking . How to prevent blackmail virus , Obviously, the strategy of host reinforcement is better . As for the host How to select reinforced products , Different people have different opinions. Wise people have different opinions . Personal recommendations MCK Mainframe reinforcement . The company to which this product belongs is a veteran in the field of data security , And their other product SDC Sandbox is very good in the field of source code security .