As we have seen with the global WannaCry attack, ransomware is notoriously difficult to combat. It can affect all types of organisations and some can even end up being targeted more than once.
Many organisations that do fall victim actually pay the ransom because they simply cannot afford to lose access to critical data. Even if they think they can recover the data themselves, it can take hours or even days to do so. Many organisations therefore feel they have no option but to pay up.
In the previous blog in this series, we explained the importance of educating your staff about the threat from ransomware.
In this blog, we are going to address what other steps you can take as a business to make sure you do not fall victim.
Your first line of defence against ransomware is to protect your email and web gateway. The majority of ransomware attacks come via email – an innocent click on an email attachment is enough to wreak havoc. Using anti-virus software to scan for malware, risk-assess your files and block emails that have bypassed your traditional filters helps catch ransomware before it can be clicked on. Make sure the software is up to date so it can regularly monitor and block the latest threats.
Every single device being used to remotely connect to your corporate network gives an attacker a way in. Endpoint protection works to prevent threats sneaking through by combining features like behaviour monitoring, application control and browser exploit protection to create another barrier across all parts of your IT infrastructure.
Having visibility of your network allows you to spot discrepancies quickly. Using advanced detection techniques and sandbox analysis gives insight into network traffic, ports and protocols across both your physical and virtual network and halts suspect applications in their tracks.
System Management Maintenance
Unpatched vulnerabilities and out-of-support systems can offer an open door to your servers for ransomware. Keep operating systems updated and apply patches quickly once they have been tested successfully on your system.
Sadly, even the best systems can be breached, so a reliable backup and disaster recovery solution should be an essential part of any ransomware protection strategy. With regular backups, your files and critical data can be protected and restored quickly from a specific recovery point in the event of an attack.
The latest Disaster Recovery as a Service options use the cloud to give you almost instantaneous recovery. You are stripping cybercriminals of their most crippling weapon – time. When time is a factor, a company might have no option but to pay the ransom to get back online as quickly as possible. But, when files are backed up regularly and are accessible from the cloud around the clock, business can continue while remediation takes place. The ransomware attack can be countered with no loss of revenue or reputation to the business. It’s a simple yet effective defence.
If you are unfortunate enough to fall victim, the UK’s National Crime Agency and National Cyber Security Centre want you to report it. The more incidents are reported, they say, the more the law enforcement agencies can investigate, arrest the culprits and take preventative action to stop future ransomware attacks taking place.
To find out more about how to take action against the threat of ransomware, please download our comprehensive ebook.