Your Checklist to Preventing and Fighting Ransomware Attacks

Graham Fry, Managing Director, avsnet

Business disruption comes in many forms – from a poor network to sluggish decision-making because people are unable to collaborate effectively.

Thankfully most situations can be solved with technology, however there’s a malicious threat out there, one poised in the shadows waiting to strike, that’s more difficult to contain. It’s ready to slash productivity, test your resilience and harm your reputation.

We’re talking about ransomware – sophisticated attacks that take advantage of lapses in employee concentration and holes in your defensive perimeter. When battling ransomware, the most effective defensive strategy is to go on the offensive, bolster your security capabilities and educate employees on how to avoid its nefarious grip.

To help, we’ve worked with Cisco’s security experts to prepare a helpful 10 step checklist.

1. Back it up – This might seem obvious, however lots of companies, especially SMBs, still don’t schedule regular backups. Eliminating ransomware involves powering down a device, wiping it and reinstalling a backup. Backing data up minimises any long-term harm to your business.

2. Patchwork like clockwork – Ransomware thrives on outdated software with vulnerabilities and irregular patching leaves your business exposed, so make sure everything is patched regularly across the network.

3. Educate for success – One of the weakest links is us humans, and phishing and other social engineering schemes easily open the door to ransomware. Strong security is all about knowing who to trust. When dealing with email, employees should ask themselves whether they know the sender, is it authentic, do they need to open the file / go to a link and is there a prior conversation involved?

4. Bulk up your network – Deploying a layered approach to network security is crucial. Avoid single points of failure at all costs!

5. Chop up access – Network segmentation limits what resources an attacker can access and because the majority of networks are “flat” (where everything is accessible by everyone), it’s vital that lateral movement is prevented. This alone can work wonders at containing threats.

6. Never take your eye off the ball – Do you know what’s happening across your entire network at this very given moment? Network visibility is imperative to protecting your network and helps uncover newly emerging threats that would otherwise be hidden away in the shadows.

7. Go to the source – Quite often the most significant threats come from places outside of your control – emails, compromised websites, rouge advertising, remote files. Make sure you are diligently blocking locations where threats originate from with intelligent web filtering.

8. Tool up, roll out – The rise of flexible working means workers are no longer contained in a single location so it’s important to maintain control of end-points wherever people are. Helping this process is the concept of “least privilege” where people are only given control as their role permits. For example, not everyone in your organisation needs to be an administrator of a solution.

9. Two’s company – Always use two factor authentication when available. A hacker might steal a password but the chances of them also having the user’s smartphone or token at the same time is incredibly slim.

10. Never pay – No matter how tempted you are, do not pay. Contact an expert instead and refrain from funding the hacker!

Every business is unique and an organisation’s security maturity differs from company to company. Whether you’re a fast-growing SMB or an established market leader, thanks to Cisco’s extensive security portfolio and cloud services, delivering a strong security strategy no longer has to cost a king’s ransom…

For more information, contact us today.