How to protect against ransomware with an antivirus

protect against ransomware
21 Oct, 2022 519 Views
1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)

If you had to grade malware in order of how much the average company hates and fears it, right now, there’s a good chance ransomware would come at the top of the list, even above the likes of spyware and cryptojackers. A good antivirus is your first line of defense against ransomware. Here is what you need to know.

You need an antivirus program which specifically protects against ransomware

This may sound like stating the obvious, but never assume that an antivirus program will protect against ransomware. Check the details of what it actually does. Then check the brand behind it to ensure that you can trust any claims it makes.

You need an antivirus which checks both websites and email

At present, all ransomware attacks involve some element of social engineering. A user has to be tricked into visiting a compromised website and/or downloading a malicious file, usually sent as an email attachment. You, therefore, need a security product which can check both. Ideally, it should also have an integrated firewall as this is also a vital part of your IT security defenses.

Cloud-based antivirus products are preferable

New forms of malware are emerging all the time. This is particularly true of ransomware as the cybercriminals behind it have a strong financial incentive to keep updating it so that it stays ahead of security tools. This means that antivirus products are constantly being updated in response to emerging threats.

With cloud-based products, the protection is effective from the moment it is deployed by the company behind the antivirus. With offline products, the user has to download and install the update. This may not seem like much but when you multiply this slight delay over numerous updates, you can see how it does add up to a major difference. Additionally, storing virus definitions offline consumes a lot of local resources, whereas using a cloud-based product significantly lightens the load on the local device.

Your antivirus product needs to be coupled with good security hygiene

The idea behind antivirus products is that they build on existing defenses. In particular, they assume that you have your operating system(s) and applications fully up-to-date. This is a major weak point at many companies and as such, it is regularly exploited by cybercriminals. If it’s a weakness at your organization then you either need to fix it internally or arrange for a managed IT services vendor to take care of it for you.

You may want to think about restricting internet use

Allowing people to use the company internet connection for non-work activities increases the company’s exposure to security threats and everything they imply. It particularly increases the company’s vulnerability to ransomware because this is updated so frequently that it may slip past even the best security software.

Because of this, it may be time to put a stop to the practice of allowing employees to use the company’s main internet connection for personal business as long as it does not interfere with their work. Given that just about everyone now has a smartphone and/or tablet, a possible compromise might be to set up a “social” WiFi network and allow them to connect to that.

Mobile users should always use VPNs or paid Wifi/mobile data

Free public WiFi may be one of life’s greatest conveniences, but it’s also one of IT’s greatest security hazards and people should never connect to the company network from it. If workers spend a lot of time on the move, then it may be worthwhile setting up a VPN so they can use public WiFi if necessary. In some cases, that may be by far the most practical option (for example at the average airport). For lighter users, however, VPNs may be more hassle than they’re worth in which case, they should stick to paid WiFi and/or mobile data.

It’s still important to implement a robust data backup policy

No antivirus product can ever guarantee 100% protection, especially not from a threat like ransomware. New forms of malware may slip past even the best defenses precisely because they are new and hence not recognized. This means that you absolutely must have a robust data backup policy in place. Ideally, you should have two data backups, one on-site and one off-site (or one in your main cloud and one in a secondary cloud).

It is very risky to rely purely on local backups, especially if they are automated, since malware that can infect your local system may also be transferred into your local backup. This is particularly likely with ransomware (it’s known as the ricochet effect).

Please click here now to start your free 30-day trial of Xcitium AEP.


Related Sources:

Endpoint Detection

Endpoint Detection and Response

best anti ransomware strategy

Ransomware Attacks

Ransomware Protection

Ransomware Removal

Ransomware Virus

ITSM Products

Protect A Computer From Ransomware