10 Simple Tips to Protect Your Organization From Ransomware
Enhance your day-to-day security with ten easy tips.
Join the DZone community and get the full member experience.Join For Free
Don't Be a Statistic
Ransomware attacks on businesses and institutions are now the most common type of malware breach, as they account for 39% of all IT security incidents. Criminal ransomware revenues are projected to reach $11.5B by 2019. With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from any potential ransomware menace.
Most ransomware victims are ill-prepared to respond, often losing critical data even if they pay the ransom, meanwhile suffering business consequences like lost revenues, angry customers and damaged brand reputation. With a few simple precautions, plus robust risk management, you can protect your data and business in the most efficient, cost-effective way.
Update Operating Systems and Applications
Ransomware attacks, such as the notorious WannaCry outbreak of 2017, often exploit software vulnerabilities that can be closed by installing the latest operating system and application patches, updates, and security releases. For instance, organizations that rely on Microsoft Windows should routinely review Microsoft Security Bulletins to learn about the latest security updates for Windows.
Perform Regular Backups
Regular full-image backups are the most foolproof way to defend against ransomware attacks. Backing up critical files regularly, preferably both to your company premises and to secure cloud storage, will let you turn back the clock to undo the effects of a ransomware attack. Your organization may lose some data and files produced since the backup, but everyone can quickly resume work without having to pay a ransom.
Install Anti-Virus Software and Keep Its Signature Database Current
Endpoint anti-virus (AV) products provide a valuable defense against a variety of common malware attacks. Businesses should choose an AV product carefully and enable automatic updates to their signature database.
Enable Built-in Anti-Ransomware Features
Given that many new ransomware variants can evade AV defenses, your organization should also deploy modern data protection software with built-in anti-ransomware features, such as Acronis Backup with Active Protection. This innovative technology uses behavioral heuristics and machine learning to automatically detect and terminate ransomware attacks; it then automatically restores any files damaged before the attack was detected.
Close Vulnerabilities in Your Business Email System
Teach Users to Avoid Becoming Ransomware Victims
Phishing emails crafted to appear trustworthy with personal information gleaned from sources like Facebook and LinkedIn are a common ransomware attack vector. Train your colleagues to be suspicious of emails from sources they don’t explicitly know and trust. Sensitize employees to the risks of clicking on email links and opening email attachments and encourage them to contact the sender about any slightly suspicious email.
Segment the Business Network to Curtail Worm Propagation
Many ransomware variants can spread from an initially compromised machine to other servers and PCs on the network. Make this kind of propagation harder by subdividing your business LANs via technologies like Access Control Lists, private VLANs and context-aware secure segmentation.
Grant Administrative Rights Only to Users and Applications That need Them
The greater the privilege level given to a user account or application, the greater the potential for harm if its credentials are compromised. Grant basic user privileges by default and be reluctant to grant elevated application privilege levels via User Account Control.
Enable the Newest Security Features in Business Applications
Popular business applications like Microsoft Office now include many “default-deny” security features, e.g., disabling of macro execution in Word or Excel attachments. Set these defaults company-wide to close some more attack vectors commonly used by ransomware.
Don't Allow Programs to Launch From the AppData and LocalAppData Folders
Many ransomware variants try to execute from certain system-level folders in an effort to masquerade as standard Windows processes. Create specific rules in your Windows installation to prevent files from executing from these folders.
Opinions expressed by DZone contributors are their own.