Much like fashion, sometimes old technology trends become new again. Ransomware attacks, which were introduced in 1989, embody one such example of this cycle and have become increasingly prevalent over the past several years. Ransomware is a malicious virus that infects a device or network to effectively “lock out” users from accessing their files until they agree to pay ransom.
Ransomware is growing at an exorbitant rate and is expected to exceed $5 billion in 2017, an increase from $325 million in 2015, according to the 2017 Ransomware Damage Report by Cybersecurity Ventures, a leading global cyber economy researcher and publisher.
The following list provides eight steps to protect your network against these insidious cybersecurity attacks and can help you to avoid a situation in which you feel like you’re being held hostage by cybercriminals.
1. Educate Your Employees
User education and awareness are among the most important components of defeating ransomware. By training your staff to implement appropriate “internet hygiene” practices, you will help to prepare them for dealing with potential ransomware attacks, such as knowing to treat suspicious emails with caution. Check out some of the human error related issues that you should address to protect your sensitive corporate and client data.
2. Use a Multilayered Approach
Protection from ransomware extends beyond simply the hardware level of the firewall. Security is critical and can be extended through the use of intrusion prevention and software layers on devices at the network perimeter.
3. Back Up Files Regularly
This point cannot be understated: A significant safeguard against being forced to pay ransom is having a robust backup and recovery solution in place. Depending on a variety of factors, including how quickly the security compromise is detected and how widespread the data loss, recovery from a backup often can be one of the best options.
Backing up your data also can save your company a lot of money. Each lost or stolen record containing sensitive and confidential information is estimated to cost companies $141, and the average cost of a data breach is now more than $3.6 million globally, according to the “2017 Cost of Data Breach Study: Global Overview” by Ponemon Institute and IBM.
4. Protect Endpoints
Endpoint security solutions are important in helping to prevent data breaches. Because users primarily interact with corporate and private devices, endpoints are potentially high-risk areas when they are not adequately managed or lack appropriate antivirus and antimalware protection.
Most antivirus solutions are signature-based, meaning that they are ineffective if not regularly managed and updated. Newer ransomware variants are uniquely hashed, meaning that they are essentially undetectable when using signature-based techniques.
5. Patch Your Systems and Applications
Think of this as your system receiving its vaccinations. Because many attacks are based on browser, plugin and app vulnerabilities, it’s critical to have processes or systems in place that ensure updates and patches are promptly applied to your programs. Choosing a solution provider that automates patching and version upgrades thoroughly and consistently goes a long way in helping to protect your organization from a range of cyber threats, including ransomware.
6. Segment Your Network to Stop Spread
Most ransomware spreads via the endpoint to the server/storage where all mission-critical data and applications reside. By segmenting the network and isolating critical applications and devices on a separate server or virtual LAN, you can help to limit the damage and minimize the spread of this malicious content.
7. Quarantine, Analyze Suspicious Files
Sandboxing and other related technologies enable you to quarantine suspicious files for analysis and prevent them from accessing the network. The files are held at the gateway until a verdict has been given about whether the files are safe. If a file is found to be malicious, you can implement protective measures, such as policies that block domains or IP addresses or transmitting signatures to network security applications, to prevent follow-up attacks.
8. Implement the Added Layer of an Internet Protection Solution
A tool like Cisco Umbrella prevents callbacks to malicious sites when users unknowingly click on a ransomware link. It's a cloud-based security platform that serves as the first line of defense enforcing security at the DNS layer. This latest type of solution is significant when it comes to preventing ransomware (and malware, too!).
Is your network protected? While each of these is great on their own, implementing these strategies together can make a world of difference to your organization’s security capabilities. We’ve found that by taking a multilayered approach to this issue, our clients are protected significantly better than the average business. This kind of comprehensive network protection solution is what our clients have come to expect from us.
Share your thoughts. Do you think I am missing anything specific? Let me know what you think in the Comment box below or send an email if you’d like to further chat about this topic.