You may have noticed a lot of articles about Ransomware filling this space over the last several months. That’s because Ransomware is becoming increasingly damaging to all kinds of organizations, from small businesses up to medium and large government entities. And if you’ve been reading these articles but doing nothing about the rising threat of Ransomware because you didn’t know what to do, now is the time to take action...before you become a victim. What follows are the top 7 things you can do to help prevent a ransomware attack of your company. But don’t delay. Once you’re attacked, it’s too late.
The most important thing to remember is that Ransomware, and malware of any kind, can only be successful when it finds vulnerabilities, either in your security planning, your devices, your access, or your people. So these tips are mostly related to eliminating those vulnerabilities.
1) Patch and Update Your Software
Software is not only updated to include new features but also to patch security holes and fix known problems. Many Ransomware attacks begin with vulnerabilities in your software, which mostly come about because the software has not been updated to the newest version. Keeping your software updated is an excellent way to prevent a Ransomware attack. If you don’t have time to take systems offline to update them, consider using an automatic patch management system.
2) Segment Your Network
Businesses have many different kinds of network traffic: PCs, Servers, Security Systems, VOIP phone systems, and more. Plus, most businesses have different kinds of users, often including employees at their workstations, employees on wifi, and customers on wifi. Ransomware attacks can originate when someone brings an infected device into a business and connects to its network. Other attacks enter an organization when ports are left open by equipment or service vendors, such as security and phone systems. By segmenting your network so that equipment and users are segmented appropriately, you minimize the risk of an attack getting to its target.
3) Web Filtering
There is a strong relationship between non-work web activity and hack attempts. Our web filtering system allows access to known good sites and prevents users from accessing known bad sites. It also has a category of uncategorized sites that are often exploited as part of a hack, which users would be prevented from accessing. Web filtering tools, which are required by compliance standards, also test every link and download before it gets to your browser to ensure there is no malicious software or scripting getting to your computer.
4) Advanced Email Filtering
Emails carrying viruses most often come from people you know, which is why “only open attachments from people you know” is a myth. In order to be truly safe, you need Advanced Email Filtering. Email arrives all the time and without notice. And sometimes that email can come with some bad links included or files attached. Advanced Email Filtering will open all attachments in a protected “sandbox” where the files can be tested for safety, and links are opened to ensure that the sites that they lead to are legitimate and what they say they are. This not only protects against Ransomware, but Phishing and all sorts of malware.
5) Advanced Endpoint Protection
AEP software uses advanced Behavior-Based and AV signature protection to identify and stop known and unknown threats in their tracks. AEP systems can identify when new, previously unknown malware is behaving badly.
6) Awareness Training
A large percentage of Ransomware enters a business when someone mistakenly clicks a link or opens an attachment. Training your employees is not only a good way to prevent a ransomware attack, but also required by many compliance standards.
7) Test Your Backups and Take Them Offline
Some of the worst Ransomware attacks over the last year have involved systems that not only encrypted all of the company’s data, but also destroyed their online backups. Make sure that you maintain complete backup sets off your own network so that they can’t be damaged in the event of an attack. Also, be sure to test your backups on a regular basis, ensuring that they are not only free of malware, but also to practice restoring your computers and servers...just in case.
Prevent a Ransomware Attack With Zero Trust
Most protection schemes operate from the perspective that any network traffic or activity is good unless we know it is bad. That’s how most antivirus works -- by comparing files against a blacklist. But this is exactly the wrong way to protect a business or to prevent a ransomware attack. Your network security needs to be built around the position of Zero Trust unless proven otherwise. That means taking all the steps listed above, but also making sure you are working with a company whose mission it is to protect your company and its IT resources against attacks of all kinds.
If your current IT staff or company isn’t notifying you of trends in cyber security, and isn’t consistently looking for new, better ways to protect you and your business, then perhaps it’s time for a change. Call Digital Uppercut for a consultation to see how much more secure your company can be. Usually, we can tell you in the first 15 minutes which vulnerability will lead to your next breach or hack. Don’t wait until it’s too late. Use our online contact form or call us at 818-913-1335.