Are your cybersecurity defenses strong enough to fend off ransomware?:
Best practices to reduce your attack surface – and your organization's risk
A ransomware attack can happen to anyone, at any point. Whether you’re an organization with thousands of employees worldwide, or an individual handling basic data and technology, no one is exempt from the threat of malicious actors.
The evolution of ransomware
Ransomware is a type of malware designed to limit access to or hijack unsecured data from an IT environment. Unless the victim pays the ransom, an attacker will delete or release the compromised data to the public.
Ransomware has become so sophisticated that it’s evolved into a business model called ransomware as a service. An attacker no longer has to be a hacker. These days, anyone can buy critical data aimed to extort on the dark web, and there’s a simple series of steps the criminal can follow:
- Infect an end user device via spam or a malicious link
- Establish command and control of the target
- Encrypt the compromised files
- Request payment from the file owner to unlock files
Is my organization a target?
While many different threat vectors are available to access a company’s data, attackers typically target one of the largest attack surfaces available—the end-user’s email. Spear phishing emails are targeted at individuals and often successfully break through endpoint protection software.
Because ransomware has become so profitable and easy to deploy, cybercriminals view any organization as a potential target. Large corporations result in larger payouts, but targeting several smaller, less protected organizations can yield a similar windfall. All the hacker needs is an opportunity.
Software-, infrastructure-, and platform-as-as-service models help curb the threat of cyber intrusion, but these added controls usually result in increased investment. Even then, these solutions aren’t foolproof. Third-party service providers can also fall victim to cyberattacks.
What are the best practices to defend against ransomware?
Your organization cannot decrease its cybersecurity risk to zero. But these practices can reduce your attack surface:
Basic
- Security awareness training: Periodically test your employees’ ability to avoid malicious content.
- Data backups: Back up your systems regularly, and store that backup offline on a separate device as part of a recovery plan.
- Email filtering: Employ controls to filter out malicious emails, including attachments and URLs.
- Install security patches: Maintain patching and updates for your operating systems, devices, and software.
Advanced
- Cybersecurity drills: Conduct an internal cybersecurity drill to test your organization’s ability to respond.
- Endpoint protection: Enable endpoint agents on end-user devices and servers to protect against threats.
- Privileged Access Management (PAM): Limit permissions to the fewest users possible to reduce the potential impact on business-critical systems.
- Cyber insurance: Ensure cyber insurance is in place and keep a third-party incident response firm on retainer.
Optimized
- BYOD management: Limit the exposure from end-user mobile devices to your network.
- Application whitelisting: Prevent end users from downloading or running unauthorized applications.
- Network segmentation: Segment your network into security zones to prevent infection in one area from easily spreading to another.
- DNS filtering: Implement DNS filtering to block access to malicious content.
How can SHI help?
Your organization’s risk appetite – and how much you are willing to invest in ransomware protection – depends on your business objectives and IT budget. Our team provides a tiered approach based on your organization’s needs.
We can review your organization’s security posture and conduct a Ransomware Readiness Assessment that answers the following questions:
- Does your organization have the right tools and practices to protect against and manage ransomware attacks?
- Are you utilizing them?
- Are they effective?
Don’t let your organization’s data fall victim to ransomware. Your budget should go towards your technology objectives, not cybercriminals. Let SHI help you develop an actionable ransomware readiness plan – before it’s too late.