Ransomware – cyber extortion that occurs when malicious software infiltrates your computer systems and encrypts your data, holding it hostage until the victim pays a ransom. Failing to pay the ransom will result in the data being published online and extensive downtime. The likelihood of ransomware attacks can be reduced using a plan covering these actions:
1. Conduct risk assessments and penetration tests to determine the attack surface and current state of security resilience and preparedness in terms of tools, processes and skills.
2. Establish processes and compliance procedures that involve key decision makers in the organisation, even before preparing for the technical response to a ransomware attack.
3. Conduct frequent exercises and drills to ensure that systems are always able to detect the attacks.
4. Back up not only the data but also every non-standard application and its supporting IT infrastructure. Maintain frequent and reliable backup and recovery capabilities. If online backups are used, ensure they cannot become encrypted by ransomware.
5. Restrict permissions and deny unauthorised access to devices. Remove local administrator rights from end users and block application installation by standard users, replacing this with a centrally managed software distribution facility.
6. Research government and regional authorities that have provided guidelines on how organisations can fortify their IT infrastructure against ransomware.
Another layer of protection would be to implement anti-ransomware software RC from Bullwall. It is an innovative, last line of defence software which protects your confidential data against ransomware attacks from any user on any device. It provides a complete 24/7 containment solution.
Contact Martyn to book a demo on 01794 526088 or email m.pegram@aomltd.co.uk
Source: ‘6 Ways to Defend Against a Ransomware Attack’, Gartner