Preventing Ransomware Attacks

Malicious software that uses encryption to hold data for ransom has become wildly successful over the last few years. The purpose of this software is to extort money from the victims with promises of restoring encrypted data. Ransomware is malware that encrypts a computer system’s data and demands payment to restore access. 
 
Paying the ransom does not guarantee you will get the private key to restore your data. Instead, protect your files by using protective measures in your day-to-day operations. In case of an attack, you can return files to their original state.
 
Ransomware is like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it. The chances of infection can be significantly reduced both by security software and by paying sufficient attention. By using anti-ransomware, you can avoid a situation in which you have to pay horrendous sums for the possible release of your data. 

Security recommendations For Dealing With   Ransomware.

  • Do not pay the ransom:  It only encourages and funds these attackers. Even if the ransom is paid, there is no guarantee that you will be able to regain access to your files.
  • Restore any impacted files from a known good backup:   Always back up your data. Restoration of your files from a backup is the fastest way to regain access to your data.
  • Do not provide personal information when answering an email, unsolicited phone call, text or other message:  Phishers will try to trick employees as well as individuals into installing malware, or gain intelligence for attacks by claiming to be from IT or a reputable business. Never give out your personal information to unsolicited people.
 
For organisations to be secure and protected against ransomware attacks and to help with recovery from if they do happen, the US National Institute of Standards and Technology (NIST) has published a series of tactics. NIST’s advice includes:  
 
  • Use antivirus software at all times.
  • Keep all computers fully patched with security updates.
  • Use security products or services that block access to known ransomware sites on the internet.
  • Configure operating systems or use third-party software to allow only authorised applications to run on computers, thus preventing ransomware from working.
  • Restrict or prohibit use of personally owned devices on your organisation’s networks and for telework or remote access unless you’re taking extra steps to assure security.
NIST also advises users to follow these tips for their work computers:  
 
  • Use standard user accounts instead of accounts with administrative privileges whenever possible.
  • Avoid using personal applications and websites, such as email, chat and social media, on work computers.
  • Avoid opening files, clicking on links, etc. from unknown sources without first checking them for suspicious content. For example, you can run an antivirus scan on a file, and inspect links carefully.
In case of an attack, NIST recommends that organisations follow these steps to accelerate their recovery: 
 
  • Develop and implement an incident recovery plan with defined roles and strategies for decision making.
  • Carefully plan, implement and test a data backup and restoration strategy.
  • Maintain an up-to-date list of internal and external contacts for ransomware attacks, including law enforcement. 
The best way to recover from ransomware is to restore data from a backup. Backups bypass the ransom demand by restoring data from a source other than the encrypted files.
 
Hackers know this, so they develop ransomware that scans the network for backup files. After restoring from a backup, you still must remove the ransomware from the network. An effective way to stop malware from encrypting backup files is to keep a copy of your backups offsite. Cloud backups are the typical choice for businesses that need an offsite backup solution. Using cloud backups, you keep a copy of your files safe from ransomware and other cyber security threats.
 
NIST:     NCSC:       NCSC:        Kaspersky:       Norton:         Trend Micro:      Thales:       I-HLS:    Image: Unsplash
 
You Might Also Read: 
 
Will Governments Ban Ransom Payments To Hackers?:
 
« Denmark Helped NSA Spy On European Union
Cyber Security: Its Good To Talk »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Absolute Software

Absolute Software

Absolute provides persistent endpoint security and data risk management solutions for mobile devices - computers, tablets, and smartphones.

PETRAS IoT Hub

PETRAS IoT Hub

PETRAS is a consortium of 12 research institutions and the world’s largest socio-technical research centre focused on the future implementation of the IoT.

Averon

Averon

Averon's technology is the new gold standard for digital identity - the easiest, fastest and most secure verification solution for users on both WiFi and LTE.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

Gospel Technology

Gospel Technology

Gospel presents a totally new way of accessing and controlling data which is enterprise grade scalable, highly resilient, and secure.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

JobStreet.com

JobStreet.com

JobStreet is one of Asia’s leading online employment marketplaces in Malaysia, Philippines, Singapore, Indonesia and Vietnam.

CloudCover

CloudCover

CloudCover is a software-defined cybersecurity risk solution that provides risk awareness, risk analytics, and data security in real time.

Verizon

Verizon

Verizon is a leader in IT technology solutions - Verizon Cloud, Networking, Security, Mobility, Machine-to-Machine (M2M), Advanced Communications and Professional Services.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

FTI Consulting

FTI Consulting

FTI Consulting is a global business advisory firm dedicated to helping organizations manage change, mitigate risk and resolve disputes.

Orbis Cyber Security

Orbis Cyber Security

Orbis is one of the leading cybersecurity company in USA. Our cybersecurity specialist defends your data, combat threat, and modernize your compliance.

vpnMentor

vpnMentor

We started vpnMentor to offer users a really honest, committed and helpful tool when navigating VPNs and web privacy.

Wired Assurance

Wired Assurance

Wired Assurance is a testing and assurance company, specialized in software applications and blockchain smart contracts.

MiDO Technologies

MiDO Technologies

MiDO Technologies has a mission to change the narrative around digital enabling tools on the continent of Africa and prepare African youth.

Cyber Castellum

Cyber Castellum

Cyber Castellum is a cybersecurity consulting firm that specializes in the identification of security vulnerabilities in an organization’s technology landscape.