fbpx

11 Best Practices to Defeat Ransomware

Details
Category: Cybersecurity PRISM
Imagine someone breaking into your home, finding your jewelry, locking it in an impenetrable chest in the middle of your home, then leaving with the key after placing a ransom note. If you contact the burglar and pay the ransom note, he will give you the key to unlock the chest and get to your jewelry. Otherwise, good luck breaking the chest. You know all your valuables are there, but you simply can’t use them. Ransomware acts in a similar way, except that it goes after your files and data.
 
Ransomware is a form of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access to the data upon payment.
Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin.
 
 

11 Best Practices to Defeat Ransomware

Security experts suggest several precautionary measures for preventing a ransomware attack.
  1. Use anti-virus and anti-malware software or other security policies to block known payloads from launching.
  2. Make frequent, comprehensive backups of all important files and isolate them from local and open networks.
  3. Immutable backup options such as Object Lock offer users a way to maintain truly air-gapped backups. The data is fixed, unchangeable, and cannot be deleted within the time frame set by the end-user. With immutability set on critical data, you can quickly restore uninfected data from your immutable backups, deploy them, and return to business without interruption.
  4. Keep offline backups of data stored in locations inaccessible from any potentially infected computer, such as disconnected external storage drives or the cloud, which prevents them from being accessed by the ransomware.
  5. Install the latest security updates issued by software vendors of your OS and applications. Remember to patch early and patch often to close known vulnerabilities in operating systems, browsers, and web plugins.
  6. Consider deploying security software to protect endpoints, email servers, and network systems from infection.
  7. Exercise cyber hygiene, such as using caution when opening email attachments and links.
  8. Segment your networks to keep critical computers isolated and to prevent the spread of malware in case of attack. Turn off unneeded network shares.
  9. Turn off admin rights for users who don’t require them. Give users the lowest system permissions they need to do their work.
  10. Restrict write permissions on file servers as much as possible.
  11. Educate yourself, your employees, and your family in best practices to keep malware out of your systems. Update everyone on the latest email phishing scams and human engineering aimed at turning victims into abettors.

 

This Article Was Written & published by Meena R,  Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India. 

Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...

She is so obsessed with Cybersecurity domain that she is going out of her way and sharing hugely valuable posts and writings about Cybersecurity on website, and social media platforms. 

34,000+ professionals are following her on Facebook and mesmerized by the quality of content of her posts on Facebook. 

If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then you can follow her on Facebook:

Click Here to follow her: Cybersecurity PRISM