Attacks using ransomware are commonplace, and they affect organisations of all sizes throughout the world. Each of us has a responsibility to keep ransomware attacks from succeeding.
Ransomware is malicious software that encrypts data or locks down an entire system until a ransom is paid. To do this, the ransomware encrypts the files on the endpoint, deletes the files, or blocks access to the machine. The repercussions of ransomware attacks on critical facilities like hospitals and emergency call centres are particularly severe.
Maintaining regular, secure backups is essential
According to the Microsoft Information Security Advisory Centre (MS-ISAC), the best way to undo the damage done by ransomware is to restore from a recent backup of the affected data. But there are a few caveats to consider. Backup files must be stored offline or out of band so that hackers cannot access them. In this way, the information will be safe from deletion or corruption.
Make plans and establish principles
Prepare for a ransomware attack by training your IT security team on what to do in the event of one. The plan should specify who does what in the case of an attack and what information is to be relayed at that time. Include a list of contacts, such as business partners or suppliers, who should be notified. Is there a procedure for dealing with “suspicious email”? If not, you should probably consider making that a company-wide rule. Such a rule provides training for when an employee receives an email they don’t understand. Forwarding the message to IT security might be all that’s needed.
Check the ports’ settings
Ransomware, in its numerous variants, usually exploits the Remote Desktop Protocol (RDP) port 3389 and the Server Message Block (SMB) port 445. Think about whether it’s essential for your business to keep these ports open. If so, you may want to consider limiting access to authorised servers only. Be sure to double-check these configurations in both on-premises and cloud environments, and work with your cloud service provider to close any unused RDP ports.
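The check described above, as an added example that is not part of the original article: a Python audit of inbound firewall rules that flags any rule admitting RDP (3389) or SMB (445) from any source or from outside the authorised networks. The rule format, rule names and addresses are constructed for illustration; an export from your own firewall or cloud provider would need to be mapped onto it.

```python
import ipaddress

# Ports the article singles out: RDP (3389) and SMB (445).
WATCHED_PORTS = {3389: "RDP", 445: "SMB"}

def audit_rules(rules, authorised_networks):
    """Return (rule, service, port, reason) for rules exposing RDP/SMB too widely.

    rules: dicts with the hypothetical keys name, action, protocol, ports, source.
    authorised_networks: CIDR strings for hosts permitted to reach these ports.
    """
    allowed = [ipaddress.ip_network(n) for n in authorised_networks]
    findings = []
    for rule in rules:
        if rule["action"] != "allow" or rule["protocol"] not in ("tcp", "any"):
            continue
        low, high = rule["ports"]  # inclusive range, so "all ports" rules are caught
        source = ipaddress.ip_network(rule["source"], strict=False)
        for port, service in WATCHED_PORTS.items():
            if not low <= port <= high:
                continue
            if source.prefixlen == 0:
                reason = "open to any source"
            elif not any(source.version == net.version and source.subnet_of(net)
                         for net in allowed):
                reason = "source outside authorised networks"
            else:
                continue  # source sits inside an authorised network
            findings.append((rule["name"], service, port, reason))
    return findings

# Constructed sample rules and allowlist (not taken from any real environment).
SAMPLE_RULES = [
    {"name": "rdp-from-anywhere", "action": "allow", "protocol": "tcp",
     "ports": (3389, 3389), "source": "0.0.0.0/0"},
    {"name": "smb-from-jump-host", "action": "allow", "protocol": "tcp",
     "ports": (445, 445), "source": "10.0.5.10/32"},
    {"name": "legacy-allow-all", "action": "allow", "protocol": "any",
     "ports": (0, 65535), "source": "192.168.0.0/16"},
    {"name": "https-public", "action": "allow", "protocol": "tcp",
     "ports": (443, 443), "source": "0.0.0.0/0"},
    {"name": "smb-deny", "action": "deny", "protocol": "tcp",
     "ports": (445, 445), "source": "0.0.0.0/0"},
]
AUTHORISED = ["10.0.5.0/24"]

if __name__ == "__main__":
    for name, service, port, reason in audit_rules(SAMPLE_RULES, AUTHORISED):
        print(f"{name}: {service} ({port}/tcp) {reason}")
```

The wide port range in `legacy-allow-all` is the case most often missed in manual reviews, because the rule never mentions 3389 or 445 by number.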
Lock down your dependencies
Verify that all necessary security measures have been taken. Organisations can lessen their vulnerability to cyber-attacks by replacing weak default settings with more secure alternatives. The CIS Benchmarks are a terrific, cost-free solution for businesses that want to use industry-leading, consensus-developed settings.
Update your systems regularly
Keep all company-wide software up to date, including operating systems, apps, and other programmes. The security weaknesses that hackers are looking to exploit can be reduced if users install the latest upgrades.
Get everyone ready
If you want to stop ransomware in its tracks, you must train individuals to be aware of security threats. When everyone in an organisation is able to spot suspicious emails and delete them, everyone pitches in to keep the business safe.