What Can We Do About Ransomware?.
A ransomware attack can be potentially devastating to a business or organisation. Essentially, it means that your important files are being held captive and will not be released unless you pay a price. More and more of these attacks are happening every year, and their success rate means that they are an attractive option for cybercriminals. How do you prevent your enterprise from falling victim to this type of attack? Well, we are going to provide you with some useful pieces of advice that can help to prevent this problem.
Backup Comprehensively
The first and most obvious way that you can not necessarily prevent, but ensure you can recover from an attack, is to make a special effort to backup all your important files, as well as isolating them from open and local networks. You should also look into immutable backup options, which can serve to restore uninfected data and restore it to your business. All offline backups should be kept in locations that are inaccessible from infected computers to prevent the problem from spreading as much as possible.
Exercise Good Cyber Hygiene
Your next area of responsibility should be to exercise good cyber hygiene, as well as encourage your staff members to do the same. Essentially, this covers areas such as good password management and the avoidance of phishing email scams by not opening or downloading attachments or clicking on links from unknown parties (easier said than done, we realise this)…
Segment Your Networks
The segmentation of your networks will help to isolate your critical computers and prevent malware spreading across your entire network if one happens to get infected. So, you should make a point of removing/limiting access to network shares that are not needed.
Restrict Admin Rights
Not every user needs to have full admin rights, so you should only give them to trusted members of your organisation to prevent human error and people with malicious intent from accessing important files. You can lower your system permissions enough so employees can do their work, but no more. You can also put a high level of restriction on file servers as well.
Use Accredited Software
While it may seem like no-brainer advice, many firms do not follow it – or choose a provider that is not reputable. You also need to ensure that updates are completed as and when required. Make sure to install all necessary security updates from your operating system and other applications. You can also get security software that serves to protect endpoints, email servers, and network systems from getting infected.
Keep Up with New Ransomware Scams
Knowledge is power in the world of ransomware, and the better that you are able to educate yourself about common ransomware scams, the more likely it is that you are going to spot the common warning signs and be able to prevent attacks from occurring.
In the case of cybersecurity, prevention is very much better than the cure.
Hopefully, we have been able to provide you with some useful advice that will help you prevent ransomware from becoming a problem at your organisation.
If you want to take a proactive step, why not Contact Us and talk to us about our penetration testing services that will test the security of your environment.
About In.security.
In.security was formed by Will and Owen, two cyber security specialists driven to help other organisations stay safe and secure against cyber threats and attacks. After having worked together since 2011 in several former companies, they each gained considerable experience in system/network administration, digital forensics, penetration testing plus training. Based in Cambridgeshire, but operating nationally, we can provide a range of services and training for businesses and individuals alike. Read more about our services below:
- Penetration testing
- Vulnerability assessments
- Build reviews
- Red team testing
- Phishing assessments
- Password auditing
- Cloud security auditing