The number of ransomware attacks has grown exponentially in recent years. In its wake infected millions of computers and generated millionaire costs for the companies.
We recommend three best practices that all companies, regardless of size, should apply.
1. Education and awareness
Many of the employees have never heard of phishing or man-in-the-middle attacks, and hackers know that. It is critical that you inform your employees about the most common methods of attack and how to avoid them. For example:
Never click links contained in an unknown email. Write or copy the address in the browser to avoid unintentionally opening a hidden link to a malicious website.
Be careful when opening attachments to e-mail messages. This is a common method of ransomware attack.
When visiting a website, pay attention to URL. Some common malicious sites include URLs with IP addresses at startup or a supposedly secure site that does not use HTTPS.
Fake email addresses are another method for acquiring sensitive information . Never send personal information by email. We recommend dealing with these situations personally and talking on the phone.
Never share the password with someone by email . Serious companies never apply for email credentials.
2. Backups, backups, backups
While the prevention of threats and attacks is always the ideal method of defense, it is necessary to have an alternative plan. In the event that an advanced malware attack, specifically from ransomware, takes over your system, periodically backing up can give you the peace of mind that you can recover your data. Here are some tips for backing up your information:
Offline backups are essential. Modern ransomware can find and encrypt the storage of your network.
Simplify your backups to the fullest . Create a shared global space that can store your most important information, and leverage data partitions wherever possible.
Automate your backups whenever possible . Do not let a human error make you skip a backup.
3. Defense in depth
Ransomware attacks seek to take advantage of all possible attack vectors. The more layers of security you
implement, the more likely you are to stop an attack that violated one of them. These types of attacks have the
ability to mutate into something unique and evade traditional signature-based detection methods. Here are some of the
Key security layers your organization should implement:
Protect your network
Ransomware uses the network not only to connect to malicious servers and obtain the encryption key, but also exploits it to spread the attack throughout the organization.
Take advantage of isolated network spaces to detonate zero day threats. Isolated network spaces are an ideal tool to detonate unknown malware without compromising the security of your devices.
Get visibility from your end devices
Ransomware attacks usually begin at the end devices. Having visibility of the event activity of these devices allows the detection and correction of the threats before the damage occurs.
Join the points between the net and the end . Correlate data from network events and the end allows a comprehensive assessment of your overall threat landscape.