If you are looking for tips for protection and prevention against ransomware, then you’ve come to the right place. In last week’s blog, we defined what ransomware is and why it’s a severe threat, so go back and look. Now, we will help you understand how to protect yourself or your organization from ransomware and prevent a compromising event.
Of course, the use of excellent software is helpful; however, there are easy preventive steps that you can take now. AISN Chief Operating Officer Eddie McAndrew and Principal Cybersecurity Engineer Oran Dillon offer these tips for protection and prevention against ransomware:
1. Security Awareness Is Step One
The most significant vector of attack is the person sitting in the seat.
First – train your users! Security awareness is critical for you and your organization’s employees. Most of the ransomware attacks that have taken place in the past have been linked to poor protection practices by employees, according to security expert Norton. Don’t click on those unfamiliar links, especially email attachments from suspicious senders or unknown websites. Threat actors will often perform reconnaissance on a targeted organization before implementing their ransomware attack, so it is important not to disclose any personally identifiable information to unknown senders of text messages, calls, or emails.
2. Employ Vulnerability Scanning & Endpoint Protection
Contact AISN for vulnerability scanning and endpoint protection software and services. Keep your anti-virus and anti-malware signatures updated for newly discovered vulnerabilities and attacks. Use email and web content filtering to help prevent malware from reaching your system. Configure access controls, such as firewalls, on your network perimeter and systems to prevent malware payloads from launching or to limit their spread across the network.
3. Deploy an Effective Backup & Recovery Process
Arguably, the most effective way of fighting against a ransomware attack is maintaining backups of all your data with an adequate retention schedule. Backing up your systems and data with a solid, tested process with high-quality backup software is crucial. Your data retention scheme is also critical – backups should be retained for at least a month! Ransomware can encrypt over some time – going back weeks or more. Backups should also be isolated from the system so they cannot be infected.
4. Keep Your Systems Up to Date
Another important aspect of prevention against attacks, in general, is consistently updating your programs and operating system. Having the latest security patches means securing yourself from known vulnerabilities that threat actors could exploit. The sooner the patch is implemented, the lower the potential chances of your network being compromised. Your endpoint protection, OS, browsers, web plugins, and other software applications on your network must be monitored and checked frequently for new updates.
5. Being Prepared Means Being Ready
A key to response is having a plan laid out for what needs to be done when an attack does occur and succeeds in encrypting your data and files. By planning out the steps beforehand, an organization will have a much better chance of combating and remediating the incident and reducing any loss of assets or casualties in the case of hospitals and healthcare facilities.
Think Ransomware Cannot Happen to You?
Check out the list of companies that have already been attacked this year. In next week’s blog, we’ll discuss incident response planning, so stay tuned. In the meantime, contact us if we can help you sort through what you need to do to sort out protection and prevention against ransomware for your organization. As always, the first consultation is entirely free. So what are you waiting for?