Ransomware Prevention and Response Tips

By May 29, 2019 No Comments

Ransomware, a form of malware that targets individuals’ and businesses’ data and systems for the purpose of extortion, has become a pervasive threat relatively quickly. According to Phishme, ransomware attacks have increased over 97 percent in the past two years. A total of 850.97 million ransomware infections were detected by the institute in 2018.

Ransomware attacks can be devastating for a business. Factoring in the cost and the average amount of time lost to such breaches, it’s estimated that the financial impact of ransomware attacks starts around $75 billion per year, according to Datto.

To help prevent your organization from falling victim to the damaging effects of a ransomware attack, follow these steps:

Implement a strong cybersecurity policy

Ransomware typically comes through a malicious link in an email. In fact, 93 percent of all phishing emails contain encryption ransomware, according to PhishMe. Additionally, a new organization will fall victim to ransomware every 14 seconds in 2019 according to Cyber Security Ventures. So, the first line of defense is to train employees how to spot potential phishing emails and how to report them.

If you don’t already have a strong security policy from which to build an effective security program, work with a cybersecurity firm to create one for your company – and train employees on it regularly (at least annually). Start with the basics, like the risks associated with cyber attacks and tips on how to avoid such attacks. This training should also outline a defined, easy to comply with process for employees to report suspicious emails.

Segment your network

It’s important to take a layered approach to security by establishing a series of defensive mechanisms so that if one fails, there’s another in place to stop an attack. Network segmentation keeps bad actors from jumping around inside your network should they find a way in. Think of it like a prison – with multiple gates and fences sectioning off areas that can’t all be accessed at one time and that are all easily visible by the guards, ready to act if anyone bypasses a layer of security. Your network security should be similar, except instead of keeping criminals in, your goal is to keep cyber criminals out.

Segmenting or “zoning” your network allows you to limit access to sensitive information to only those applications, servers, and people who need it. To start, companies should assess the sensitivity of their data and group it accordingly. For example, healthcare providers should create network segments that limit access to medical data, isolating personal and confidential data from the rest of the network. Additionally, companies should assign users to groups following the principle of least privilege, meaning only giving users access to the information and systems they need to do their job – and nothing more.

The more layers and controls you put in place, the harder it is for an unauthorized user to gain access to company data.

Establish a patch management program

Cyber criminals often exploit vulnerabilities in computer systems and software programs, using holes in security to place their attack. Therefore, it is incredibly important for your organization to quickly apply any patches when they are released from software providers. These patches are code changes designed to fix specific security problems.

Establish a patch management policy that covers how patches should be updated and who is responsible for updating them. For larger companies with a lot of computers, make sure you have a way of keeping track of the computers that have been updated and those that have not. A change management system allows you to track and audit applied patches. Also, consider running regular vulnerability scans to check your work.

Backup your data

One in five businesses suffered an IT security incident as a result of a ransomware attack last year, according to Kaspersky Lab – and 67 percent of affected companies lost some or all of their data.

Because no prevention method is foolproof, it is critical that your organization regularly back up its data. To maximize the effectiveness of your backups, we suggest backing data up to more than one medium and storing them in more than one location. From real time replication to bicoastal data centers and full hot sites to external hard drives and tapes stored at Iron Mountain, there is no one-size-fits-all solution here. The complexity and redundancy of your backups solution should be a conscious business decision made to match the regulatory, contractual, and business needs of the organization. 

In the event that a system is compromised and your organization finds itself in a ransomware situation, your backups can save you time, money and a whole lot of headaches.

Interested in learning more ways you can protect your company’s data? Give us a shout at 615-622-4591. 

Leave a Reply