Since the outbreak of the WannaCry ransomware earlier this year, businesses have become all the more worried about the threat that ransomware poses to their systems. Millions of systems around the world were compromised by WannaCry, and though the threat has now largely been contained, the general availability of more advanced encryption technologies means that ransomware is still a major threat.
As an IT security professional, it may be impossible to protect your business from the most targeted attacks, however there are best practices that should help you avoid being compromised by accident. Here are our top tips.
The reason why ransomware is so effective as a form of cyber-crime is that it locks victims out of their data and resources. If there’s no backup, the victim has no choice but to pay up. However, you can negate the effects of a ransomware attack if you simply have an up-to-date backup process and the ability to quarantine infected systems. Conduct regular backups of your system, and ensure that your files are stored offline so that they can’t be accessed through your network. And conduct regular restoration tests, too – you don’t want to find out that, upon trying to restore your systems after a ransomware attack, your backups are worthless.
The majority of ransomware attacks still result from old-school social engineering tactics, meaning that the malicious software is often downloaded through an email attachment that an employee has thoughtlessly downloaded. Employee training on what to look out for is essential if you’re going to avoid ransomware attacks. I’s also worth restricting the ability of employees to open executable files on their devices, and restricting admin access.
Given that most malicious software is sent and downloaded through email, it makes sense to beef up your email security. If it isn’t prohibitive to employees being able to do their jobs, you could look at blocking attachments altogether, or at least blocking certain file types such as executables or zips. You should also deploy advanced spam-detection techniques to weed out any pieces of malware that are sent via spam.
Keeping on top of software patches is a full-time job, but it’s worth hiring someone dedicated to it if you have a lot of distributed systems. More often than not, ransomware attacks succeed by exploiting weaknesses in older versions of software, meaning that those who are still running older versions are at a disadvantage. Sure, keeping on top of your software updates won’t protect you against zero-day attacks, but it’ll go a long way towards protecting yourself against the majority of ransomware out there.