If you are looking for tips for protection and prevention against ransomware, then you’ve come to the right place. In last week’s blog, we defined what ransomware is and why it’s a serious threat, so go back and have a look. Now, we’re going to help you understand what you can do on your own to protect yourself or your organization from ransomware and prevent a compromising event.
Of course, the use of excellent software is helpful, however, there are easy preventive steps that you can take now. AISN Chief Operating Officer Eddie McAndrew and Principal Cybersecurity Engineer Oran Dillon offer these tips for protection and prevention against ransomware:
1. Security Awareness Is Step One
The largest vector of attack is the person sitting in the seat. First – train your users! Security awareness is critical for you and for all of your organization’s employees. Most of the ransomware attacks that have taken place in the past have been linked to poor protection practices by employees, according to security expert Norton. Don’t click on those unfamiliar links, especially email attachments from suspicious senders or unknown websites. Threat actors will often perform reconnaissance on a targeted organization prior to implementing their ransomware attack, so it is important to not disclose any personally identifiable information to any unknown senders of text messages, calls or emails.
2. Employ Vulnerability Scanning & Endpoint Protection
Contact AISN for vulnerability scanning and endpoint protection software and services. Keep your anti-virus and anti-malware signatures updated for newly discovered vulnerabilities and attacks. Use email and web content filtering to help prevent malware from reaching your system. Configure access controls such as firewalls, on your network perimeter and systems to prevent malware payloads from launching, or to limit their spread across the network.
3. Deploy an Effective Backup & Recovery Process
Arguably, the most effective way of fighting against a ransomware attack is maintaining backups of all your data, with an adequate retention schedule. Backing up your systems and data with a solid, tested process, with high-quality backup software is crucial. Your data retention scheme is also critical – backups should be retained for a minimum of a month! Ransomware can encrypt over a period of time – going back weeks or more. Backups should also be isolated from the system, so they are not able to be infected.
4. Keep Your Systems Up to Date
One other important aspect of prevention against attacks in general is performing consistent updates of your programs and operating system. Having the latest security patches means that you are securing yourself from known vulnerabilities that could be exploited by threat actors. The sooner the patch is implemented, the lower the potential chances of your network being compromised. Your endpoint protection, OS, browsers, web plugins and other software applications on your network need to be monitored and checked frequently for new updates.
5. Being Prepared Means Being Ready
A key to response is having a plan laid out for what needs to be done when an attack does occur and succeeds in encrypting your data and files. By planning out the steps beforehand, an organization will have a much better chance at combating and remediating the incident and reducing any loss of assets or casualties in the case of hospitals and healthcare facilities.
Think Ransomware Cannot Happen to You?
Check out the list of companies that have already been attacked this year. In next week’s blog, we’ll discuss incident response planning, so stay tuned. In the meantime, contact us if we can help you sort through what you need to do to sort out protection and prevention against ransomware for your organization. As always, the first consultation is entirely free. So what are you waiting for?