10 Simple Tips to Protect Your Organization from Ransomware

Don’t Be a Statistic

Ransomware attacks on businesses and institutions are now the most common type of malware breach, as they account for 39% of all IT security incidents. Criminal ransomware revenues are projected to reach $11.5B by 2019. With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from any potential ransomware menace.

Most ransomware victims are ill-prepared to respond, often losing critical data even if they pay the ransom, meanwhile suffering business consequences like lost revenues, angry customers and damaged brand reputation. With a few simple precautions, plus robust risk management, you can protect your data and business in the most efficient, cost-effective way.

Update Operating Systems and Applications 

Ransomware attacks, such as the notorious WannaCry outbreak of 2017, often exploit software vulnerabilities that can be closed by installing the latest operating system and application patches, updates, and security releases. For instance, organizations that rely on Microsoft Windows should routinely review Microsoft Security Bulletins to learn about the latest security updates for Windows.

Perform Regular Backups

Regular full-image backups are the most foolproof way to defend against ransomware attacks. Backing up critical files regularly, preferably both to your company premises and to secure cloud storage, will let you turn back the clock to undo the effects of a ransomware attack. Your organization may lose some data and files produced since the backup, but everyone can quickly resume work without having to pay a ransom.

Install Anti-Virus Software and Keep Its Signature Database Current

Endpoint anti-virus (AV) products provide a valuable defense against a variety of common malware attacks. Businesses should choose an AV product carefully and enable automatic updates to their signature database.

Enable Built-in Anti-Ransomware Features

Given that many new ransomware variants can evade AV defenses, your organization should also deploy modern data protection software with built-in anti-ransomware features, such as Acronis Backup with Active Protection. This innovative technology uses behavioral heuristics and machine learning to automatically detect and terminate ransomware attacks; it then automatically restores any files damaged before the attack was detected.

Close Vulnerabilities in Your Business Email System

Your email administrator can make some simple configuration changes for all users that will make potential ransomware attacks more obvious — for example, make file-name extensions (like .pdf for Adobe Reader documents) visible by default. This will make it easier for users to identify potentially malicious, such as executable JavaScript files (with the file extension .js) trying to masquerade as a harmless Microsoft Word document (.docx). Consider company-wide AV scanning of all email attachments by default.

Teach Users to Avoid Becoming Ransomware Victims

Phishing emails crafted to appear trustworthy with personal information gleaned from sources like Facebook and LinkedIn are a common ransomware attack vector. Train your colleagues to be suspicious of emails from sources they don’t explicitly know and trust. Sensitize employees to the risks of clicking on email links and opening email attachments and encourage them to contact the sender about any slightly suspicious email.

Segment the Business Network to Curtail Worm Propagation

Many ransomware variants can spread from an initially compromised machine to other servers and PCs on the network. Make this kind of propagation harder by subdividing your business LANs via technologies like Access Control Lists, private VLANs and context-aware secure segmentation.

Grant Administrative Rights Only to Users and Applications That need Them

The greater the privilege level given to a user account or application, the greater the potential for harm if its credentials are compromised. Grant basic user privileges by default and be reluctant to grant elevated application privilege levels via User Account Control.

Enable the Newest Security Features in Business Applications

Popular business applications like Microsoft Office now include many “default-deny” security features, e.g., disabling of macro execution in Word or Excel attachments. Set these defaults company-wide to close some more attack vectors commonly used by ransomware.

Don’t Allow Programs to Launch From the AppData and LocalAppData Folders

Many ransomware variants try to execute from certain system-level folders in an effort to masquerade as standard Windows processes. Create specific rules in your Windows installation to prevent files from executing from these folders.

This UrIoTNews article is syndicated fromDzone