Updated: Jul 28, 2020
Ransomeware attacks have become far more common in the past few years. It seems that almost everyday new forms and variants of ransomware are discovered. The challenge is that there is no effective solution to curb ransomware. Organizations need to take appropriate steps and measures to protect themselves from malware and other cyber attacks.
Here are a few tips that will help organizations avoid becoming a ransomware victim.
If a computer is a part of a network of computers at an organization, it is important to restrict the privileges for the computer. A ransomware will typically have the same privileges as the computer user, and if the computer user has administrative privileges locally or globally, so will the ransomware. This can result in the ransomware spreading quickly to other computers within the organization. The ransomware may be able to encrypt files in an entire Network impacting the organization to perform day to day critical functions and costing the organizations from hundreds of thousands to upwards of millions of dollars.
Organizations need to deploy appropriate solutions to ensure that users have the required privilege access to perform their job function. Organizations should look at adopting just-in-time elevation of privileges based on appropriate policies and workflows to curb installation of malware leading to ransomware.
Education & Training
A common method of entry for ransomware and other malware is via the phishing attack. Organizations need to educate and provide appropriate training to their users to enable them to effectively identify threats from a phishing attack such as:
Hovering over links without clicking them to reveal the true URL
Viewing the message source code to see where it’s really coming from
Questioning emails that are out of the ordinary, like POs coming from a customer you’ve never heard of
Getting a second opinion before you click a link or download an attachment
Doing regular cybersecurity training and enablement will keep organizations users informed of the threats coming into their inboxes every day and help strengthen organizational security defenses.
Keep The Software Up-to-date
Organizations should take the initiative to update software and apply appropriate patches on a regular basis. We are are very familir with the “Petya” or “NotPetya" and “WannaCry” that caused serious disruption at large firms in Europe and the US and various other organizations globally.
WannaCry could have been avoided, or at least made much less serious, if people (and companies) kept their computer software up to date. The WannaCry attack demonstrated how hundreds of thousands of computers in more than 150 countries are running outdated software that leaves them vulnerable. The victims included Britain’s National Health Service, logistics giant FedEx, Spanish telecom powerhouse Telefonica and even the Russian Interior Ministry.
The easiest, and arguably the most effective, way to protect from ransomware attacks is by making backups. It is recommended that multiple serial backups are availble to easily revert to older versions of the systems and files. The serial backups also allow to restore from an older version of the files in the event the ransomware and other malware have corrupted recent / newer backups.
It is recommended that organizations adopt an effective process for offline backups to protect against some of the more sophisticated ransomware that is designed not only to encrypt all backups on your system, but to also encrypt online backups and connected Network shares.
There are many things organizations can do to avoid becoming the victim of a ransomware attack. The tips discussed above should provide an organization with protection against even the most sophisticated ransomware and the most clever criminals. These simple steps can help protect your organization before it is too late.