In 2020 the global cybersecurity market reached a value of $183.34 billion. Even with so much going into cyber security, attackers are always finding ways to get past security solutions.
Almost everyone deals with some sort of sensitive data through their computer, be it personal or business-related. Data protection is essential, so proper protection is incredibly important at all times to avoid falling victim to hackers.
For an explanation of what ransomware is, and 10 tips on ransomware protection, keep reading.
What Is Ransomware?
Ransomware is a way for attackers to hold computers or computer files hostage. There are many for attackers to do this.
Once the attacker has gained access to your files, they will encrypt them and demand payment in exchange for releasing them back to you. This will usually be a type of cryptocurrency.
The rise in the value of cryptocurrencies has naturally given increased the risk of ransomware, as it has become a potentially very lucrative form of attack.
To avoid this, you should first take steps to mitigate the risk of exposing your system to ransomware. As a second line of defense, in case it does find a way onto your device or network, proper ransomware protection is highly recommended.
Ransomware Protection Is More Important Now Than Ever
Over the years, the increased use of computers in all aspects of life has given rise to a similar rise in cyber attacks such as ransomware.
As a result of the Covid-19 pandemic, this has increased the potential for attacks in 2021. With a huge increase in the number of people working from home a lot of companies have had to implement new strategies and systems to enable employees to work sufficiently from a remote location.
This opens more doors for attackers and an increased risk of becoming a victim of ransomware attacks. Both employers and employees may experience new vulnerabilities that they are not used to due to the new way of working.
1. Keep Regular Backups
It is good practice in general to keep files backed up. System errors and accidental deletion can result in important files corrupting or disappearing for good.
Full image backups create a complete copy of your system disk or a selected partition. This makes recovery easy even if someone manages to gain access to your files.
If possible, you should keep files backed up on cloud storage, so that you can then access them from anywhere. Before doing this, however, you will want to ensure your cloud backup has proper ransomware protection. Your vendor will be able to inform you.
2. Educate Employees
One of the most common methods of spreading malware is phishing attacks. Attackers will send out emails containing malicious attachments, malware, or unsafe links in an attempt to infect a computer.
If employees are properly trained, they will be able to recognize such emails know how to handle them. Ensuring employees know not to follow links or click attachments in emails from unknown senders is perhaps the single best way to avoid ransomware infection.
Such training should be regularly conducted. Hackers often change their habits and try new techniques, so people need to be as prepared as possible to avoid falling victim to these phishing emails.
3. Principal of Least Privilege
This means that any employees should only have access to what they need. This can be files, features, networks, or programs.
While allowing employees to have full access generally isn’t a bad thing, there is always an increased risk of errors and other issues. If someone accesses software that they are not trained to use properly, it could cause any number of problems.
Human error will still always occur. If employees only have access to what they need for their role, there will be fewer errors and overall security will be better maintained.
4. Keep Up to Date
This is regarding both software and operating systems. Developers are constantly releasing updates. These should be installed as early as possible to maintain the best level of security.
Whenever developers find an exploit in here software they will work to patch it immediately. Updating software as soon as possible ensures the best possible protection.
Staff should be aware of the need to install updates when they are available. When possible you should enable auto-updates, making the process easier and more streamlined.
5. Do Not Enable Macros in Microsoft Office Attachments
Sometimes when a word document is received via email, opening it will present the option to “Enable Macros”. If this happens, say no.
If a hacker has placed ransomware in the file and you allow macros to run, they will be able to install the ransomware and encrypt your data.
Newer versions of Office feature an option that automatically blocks macros from Office files from the internet. Ensure this es enabled on all computers to avoid this risk.
6. Disable Remote Desktop Acess
Remote desktop access protocol (RDP) allows users to access systems and files from another location. It can be very useful, but this is also the most common initial ransomware attack vector attackers use.
According to a report from Cortex Xpanse, in 2021 RDP accounted for 30% of exposures. This is more than twice the amount of the second most common.
Hackers can gain access here if the RDP is unintentionally left on a forgotten system, cloud network, or through a device that is directly connected to the internet.
If an RDP is not needed, avoid using one. If an RDP is necessary the following measures can help to mitigate any risks:
- Only use the RDP behind a VPN (virtual private network)
- Limit login attempts (this will reduce the risk from brute force attacks)
- Time limits to automatically disconnect sessions
- Limit access only to approved IP addresses
- Use of an Attack Surface Monitoring solution to monitor for unintended exposures
- MFA (multi-factor authentication) on all user accounts
7. Only Use Trusted Download Sources
To reduce the risk of unintentionally downloading ransomware any downloads should only come from reliable/known sources. Such websites can be identified by trust seals.
In the address bar of your browser, the web address should begin “HTTPS”, not “HTTP”, indicating that the webpage is secure. A shield or a lock symbol also shows that a page is secure.
Similar precautions should be taken with mobile devices. The Apple App Store and Google Play are trustworthy, but other sources should be treated with care.
8. Monitoring and Response
Routinely monitoring systems for unauthorized access is essential. The sooner a response is made to any intruder, the less time they will have to cause harm.
EDR (endpoint detection and response) can monitor and collect endpoint data in real-time. A rules-based system is used for automated response and analysis of threat patterns.
These threats are then removed or contained, and security personnel notified. Tools are also included for forensics and analysis, which then search for other suspicious activities.
9. Anti-malware Software
Various types of software can be used to protect from hackers.
Virus scanners and content filters can help prevent malicious emails. Internet security solutions block potential threats from downloads or streaming sites.
Having proper security software installed, and keeping it up to date is the best first line of defense you can have. This applies to both ransomware as well as other cyber security threats.
10. Don’t Pay Ransoms
Despite taking precautions, it is always possible that you will somehow fall victim to some form of malicious attack.
If someone does manage to take control of your system or files with ransomware, it is still recommended that you do not pay.
It may be that you have no backup, and the files compromised are absolutely essential, in which case you may have no choice. If you do pay, however, this will establish you to the attacker as a paying target.
The attacker may then try even harder to infect your system with ransomware again because they believe that if you have paid once, you will pay again.
Getting Fully Protected
There are a lot of considerations when it comes to security. The more measures taken, the more trust you can have in your ransomware protection, or any other form of cyber attack.
NETdepot provides top-of-the-line infrastructure and cloud services. We are committed to providing the best possible solutions for our client with a focus on 5 key areas:
- Backups as a Service (BaaS)
- Disaster Recovery as a Service (DRaaS)
- Security as a Service (SECaaS)
To find out more about what we can do to help your business, contact us here. We are always happy to help.