Ransomware: 10 ways ransomware attackers pressure you to pay the ransom – Part2

Leave a Comment / cybersecurity / By
Ransomware Bendigo IT Services - We can handle IT
72 / 100
Powered by Rank Math SEO

 

Continuing from Ransomware: 10 ways ransomware attackers pressure you to pay the ransom – Part1

Defending yourself against ransomware attacks is more than just having XYZ anti-virus product deployed. There is no silver bullet that will offer comprehensive and guaranteed protection. You will need a multi-layer approach to both minimise your risk of ransomware exposure and maximise your ability to recover should you be attacked.

Consider these tips:

  • Train your employees to help them recognise the kind of emails that attackers use and the demands they might make as part of a ransomware attack.
  • Ensure that ALL software in use is patched, maintained and up to date. This includes all proprietary and open-source software. Any of these have the potential to compromise your system security. Some more than others. For instance, continuing to use Windows 7 or 10+ year old versions of Microsoft Outlook is a disaster just waiting to happen.
  • Establish a contact point for your employees to report any suspicious activity on the part of a potential attacker.
  • Adopt the concept of least privilege when creating user accounts on your computer systems. Only assign the necessary level of access required for someone to do their job.
  • Implement a process to scan for possible malicious insider activity.
  • Monitor your network security and note the five early signs an attacker is present6 to thwart ransomware attacks before they do damage.
  • Disable any instances of internet-facing remote desktop protocol (RDP). If employees need remote access to an internal system, put it behind a VPN. This is crucial.
  • Regularly back up your critical data and keep at least one backup instance offline. Adopt the 3-2-1 method for backups. That means backing up three copies of the data using two different systems, one of which is offline.
  • Ensure that your your systems are documented sufficiently. If the worst happens and some system need to be rebuilt you will have a guide to how your systems operate. It will end up saving you time and money.
  • Implement some form of Managed Detection and Response for Ransomware within your business.
  • Set up an effective incident response plan (7) and update it as needed.

    For more information on combating ransomware, contact our experts at IT Grove.

REFERENCES

1. Mackenzie, Peter 2021, Sophos, accessed 2 November 2021

2. Witney, Lance 2021, TechRepublic, accessed 2 November 2021, 

3. Sanders, James 2019, TechRepublic , accessed 2 November 2021, 

4. Zorabedian, John 2014, Sophos,

5. Roby, Karen 2020, TechRepublic, accessed 2 November 2021,

6. Mackenzie, Peter 2020, Sophos,

7. Sophos 2021, accessed 2 November 2021,

 

SHARE this post

Facebook
Twitter
LinkedIn
Email
Pinterest

Leave a Comment

Your email address will not be published. Required fields are marked *