Ransomware is malware that blocks a computer or data and only releases it once a payment has been made. There is no cure-all to prevent the attacks and the impact is enormous. The loss of sensitive business data, financial damage and reputation damage are some of the major risks. Even if your organization has good backups, it takes a lot of time to get the primary processes up and running again.
Prevention is better than cure
There is no cure-all to prevent the attacks and the impact is enormous. With the right technological measures you can block many attacks, but cyber criminals are increasingly sophisticated and the numbers don't lie. With attacks doubling in 2020, the number of ransomware incidents continues to rise.
Prevention is better than cure. You can prevent ransomware with both the correct technical measures and safe human action. Here are some tips for you so you know what to look out for in order to prevent ransomware.
1. Make backups
A good backup is worth its weight in gold. Literally. When cyber criminals demand a ransom to release data, grab your backup. Worldwide, 56% of the attacked organizations get their files back via their own backups. In the Netherlands, the ransom amount is on average: 1.45 million. Count your profit!
2. Train your employees
Making employees aware of cyber risks and making sure they know how to identify a ransomware attack is an important step. Where technology stops, secure human behaviour is the next step.
3. Update software
It makes sense that criminals will find it easier to get in touch with out-of-date business software or software of which you are using older versions. Cyber criminals are always on the lookout for vulnerabilities. Update your software as soon as possible.
4. One antivirus program is not the other
There are quite a few antivirus programs on the market. One better than the other. Invest in an antivirus program that also recognizes ransomware. Research shows that 25% of ransomware attacks do not get through a good antivirus program. Hackers try to enter through leaks in systems and software. They target unpatched systems. So quickly apply new patches so that cyber criminals cannot cause damage in this way.
5. Limit admin rights as much as possible.
The administration domain is the most interesting account for hackers. This account is often managed by the system administrator and provides access to all systems within the organization. Once in there, a hacker can do the most damage to all important business information. The more admin rights a person has, the greater the target for cyber criminals.
6. Provide network segmentation
In an attack you want to prevent the entire infrastructure from being hit. Minimize damage and segment networks so that cyber criminals cannot reach all systems after a breach.
7. Two-factor authentication
We mainly log in with a username and password. Passwords are often used for multiple accounts and are easy to remember. And easy to remember means easy to guess. By using a two-factor authentication where you need an SMS code in addition to a password or an authentication app that generates a code, you make it more difficult for hackers to break in.
8. Bonus tip
Practice with a digital incident. This way you immediately see how efficiently and adequately your organization can suppress an incident. The IT, communication and management departments (and perhaps other departments in your organization) will always be involved in an incident. In this way they can prepare and know where the bottlenecks lie for a future incident.
You are not alone.
We have just found out: 75% of the attacks come through virus scanners and 46% of the organizations did not get back any files from their own backup. 2,244 ransomware attacks take place every day. Those are hefty numbers!
Where technology stops, safe human behaviour is important. And prevention is better than cure. Make sure your employees know what to look for before clicking anything or downloading a file. Criminals need a single person to click, accidentally or not, to penetrate an organization and cause damage.
Ransomware is a huge problem and does most of the damage online. That is why Infosequre developed an anti-ransomware kit with all the tools you need to detect and resolve both technical and human vulnerabilities.