How to protect yourself against a ransomware attack
Ransomware is now such a major threat that everyone has to assume that they’re at risk from it. The risk is arguably greatest for businesses since they are likely to store personal data belonging to other people. This is highly desirable to criminals and hence a major attraction. The good news is that it’s actually fairly easy to mitigate the threat of ransomware. With that in mind, here is a quick guide on how to protect yourself against a ransomware attack.
Keep all sensitive data encrypted
This won’t stop a ransomware attack; ransomware will simply encrypt the data again. It will, however, stop data theft. Remember, even if you pay the ransom (which is not advised) and get your data back (which is not guaranteed), there is nothing to stop the cybercriminals from keeping a copy of it and using it maliciously.
What’s more, if you refuse to pay the ransom, then the cybercriminals may threaten to expose your data as a punishment. In fact, they are very likely to carry out their threat.
Have a ransomware-proof data-backup strategy
This is a similar point. Your Plan A should always be to try to avoid ransomware attacks in the first place. The reality, however, is that this can never be guaranteed. You should, therefore, plan your data-backup strategy on the assumption that you’re going to be attacked. This means that you have to be aware of the “ricochet effect” and what it could mean for you. The ricochet effect basically means that infected files are moved into data backups, overwriting any files which were already there.
Your first step in creating a ransomware-proof data-backup strategy is to be scrupulous about cleaning data out of your production system. If it is not actively being used, then it shouldn’t be there. If it needs to be kept (or you really want a copy of it), move it into a data archive, or preferably two (possibly one online and one kept in offline storage). Remember that this is an ongoing process.
Your second step in creating a ransomware-proof data-backup strategy is to make sure that you have at least two data backups, one local and one off-site (or one in your main cloud and one in another cloud). Any data-backup storage location which is connected to your production system is vulnerable to attack by ransomware.
Your third step in creating a ransomware-proof data-backup strategy is to make sure that you have recovery points. At present, you’ll almost certainly notice a ransomware attack very quickly after it starts (although the malware itself can lie dormant for some time before doing its work). You do, however, have to be prepared for this to change.
If you can’t implement recovery points through your backup-management system, then you could work around this by keeping old data backups for some time after they should have become obsolete. This can get expensive if you keep them in fast storage, but if you put them into slow storage, costs generally become much more reasonable.
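The ricochet effect and the value of recovery points can be seen in a small simulation. This is an added example, not part of the original article: the file names, the chained-hash stand-in for encrypted data, and the entropy threshold of 7.0 bits per byte are all assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; well-encrypted data approaches 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def is_clean(files: dict, threshold: float = 7.0) -> bool:
    # Heuristic (assumption): compressed formats also score high, so real
    # tooling would compare against each file's earlier entropy or its type.
    return all(shannon_entropy(d) <= threshold for d in files.values())

def fake_ciphertext(seed: bytes, size: int = 1024) -> bytes:
    """Constructed stand-in for ransomware output: chained SHA-256 blocks."""
    out, block = b"", seed
    while len(out) < size:
        block = hashlib.sha256(block).digest()
        out += block
    return out[:size]

def mirror_backup(backup: dict, production: dict) -> None:
    """Single-copy backup: each run overwrites the previous one (ricochet)."""
    backup.clear()
    backup.update(production)

def add_recovery_point(points: list, label: str, production: dict) -> None:
    """Versioned backup: each run is kept as its own recovery point."""
    points.append((label, dict(production)))

def latest_clean_point(points: list):
    """Label of the newest recovery point with no encrypted-looking file."""
    for label, files in reversed(points):
        if is_clean(files):
            return label
    return None

def simulate():
    production = {"ledger.txt": b"Quarterly invoice ledger, row data\n" * 40,
                  "notes.txt": b"Meeting notes for the finance team\n" * 40}
    mirror, points = {}, []
    for day in ("day1", "day2", "day3"):
        if day == "day3":  # constructed attack: files encrypted before the backup runs
            production = {k: fake_ciphertext(k.encode()) for k in production}
        mirror_backup(mirror, production)
        add_recovery_point(points, day, production)
    return is_clean(mirror), latest_clean_point(points)
```

Calling `simulate()` shows that the single overwriting backup ends up holding only encrypted files, while the versioned backup still has a usable recovery point from the day before the attack.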
Implement robust security precautions
As previously mentioned, your Plan A should always be to prevent ransomware attacks from happening in the first place. Implementing this Plan A starts with investing in a reputable anti-malware program with an integrated firewall.
These days, it’s generally best to opt for a cloud-based product. The reason for this is that there is now a massive quantity of malware in the wild and more is being created all the time. This means firstly that storing malware definitions takes up a lot of space and secondly that products have to be updated constantly to continue to be effective. With cloud-based products, the vendor takes care of all the back-ups; the client just has to connect and take instructions from the back-end.
The second part of your Plan A is to make sure that you only use live (i.e. actively-supported) operating systems and apps and that you make sure that any security-related updates are applied to them promptly. It is impossible to overstate the importance of this, even if you already have a robust anti-malware product in place. For a case study on why it matters, search on “WannaCry May 2017”.
The third part of your Plan A is to implement “safe surfing” (and emailing) practices and to educate your users on what they are and why they are there. This is very likely to mean walking back the relaxed internet-usage policies which have been in place at many companies for many years. The good news is that so many people have smartphones and tablets that this is likely to be much less of an inconvenience than it once would have been.