Prepare For and Prevent Ransomware Attacks

Ransomware attacks, such as CryptoLocker, CyrptoWall, Locky, Chimera, Zepto, and the like, have become one of the best money-making exploits for cyber-criminals, with new variants appearing on the scene every month.  These attacks usually start with a phishing email and a ZIP file attachment or a malicious link, so email vigilance can help.  But there have been some variants that open the attack using other means including sophisticated exploit kits that take advantage of system vulnerabilities.

Focus on cybersecurity

Once the attack has completed, the only way to decrypt your files is to pay the ransom for the decryption key, or to restore your files from a good, working backup.  

The best defense is to avoid the infection in the first place.  

Here are 9 tips to help you:

Training

Cybersecurity awareness training can teach your employees how to recognize phishing emails, and teach them about the dangers of email attachments and links.  Learning how to confirm the authenticity of an email by confirming with the sender, or analyzing links and attachments with a tool such as VirusTotal can do more to protect your business than almost any other tactic.

Know what you own 

Maintaining an accurate inventory of everything attached to your network will prevent you from launching an attack from an unknown, old, or unpatched system.  Software tools such as Network Detective can help round up that information.

Patch and update

Keeping operating systems and software updated is critically important.  Most updates address security issues to prevent attackers from exploiting them.

What’s it worth?  

What cost will the company face if an outsider holds your data for ransom? Hollywood Presbyterian Hospital paid $17,000 for the key mainly because it was cheaper than restoring everything from backup.

Current working backups

It’s pretty hard to restore from backup if you don’t have them.  Another important task is to actually test the backup and see if it works.  Restores often fail because nobody tests them before they are needed.  Offsite or cloud-based backups can be an important option, too.

Network segmentation 

Flat networks, in which everyone connects to the same subnet and can access anything, easily allow an attacker to do the same. Using VLANS and other network segmentation techniques and keep an infection from spreading to every computer

Pentesting 

Your IT staff or contractor should be performing regular vulnerability assessments and penetration tests to find the holes in your network security.  If you need outside help for this activity, get it.  Find someone who specializes in this work.

Fire drill 

Have a process for employees to follow to alert the IT staff and warn other employees of suspected phishing and other attacks.

Remote Access 

If employees, vendors, suppliers, contractors, or customers have access to your network, you are only as secure as the weakest of the bunch.  Make sure everyone with access to your network is adhering to your security standards.

This is a short list of preventive activities your company can undertake to prevent and attack. For further Cybersecurity services and solutions offered by CIT, contact us at 651.255.5780.


About CIT

CIT Careers

Rooted in Minnesota with innovators nationwide, we’re tech problem-solvers & solution providers. From cybersecurity to support engineers, we’re powered by passion & precision, aiming to transform adversity into advancement. Together, let’s redefine the digital horizon.

Get in contact: email us at info@cit-net.com or call 651.255.5780

Copyright: © 2024. All Rights Reserved.

CIT is designated autism-friendly by autism speaks