Combating Ransomware

Posted on Aug 16, 2017

A growing number of tools are available to combat ransomware at the endpoint, but the truth is that it is vital to stop ransomware before it reaches the device level. As rampant as ransomware is today, there are some concrete steps that an organization can take to effectively prevent an attack.


Email Protection
Email protection is paramount, as email continues to be the primary launching mechanism for ransomware. Ransomware distributors use embedded links and attachments to entice unsuspecting users into clicking them and launching the malware. Today's email security solutions must do more than just stop spam. They must also block and eradicate viruses, malware, infected attachments and links to malicious websites. Besides ransomware, an email security solution will also protect your users from phishing attacks and business email compromise (BEC) attacks.

Web filtering
Users can inadvertently download ransomware by visiting a malware-launching site or by simply browsing a drive-by website. Many sites are infected with ransomware installation files that have been deposited there by hackers. A modern-day web filtering solution protects the Internet sessions of your users in two ways. It first blocks access to known malicious or malware-infected sites. Then it filters all web traffic through a gateway antivirus.

Patching and Updating
Keeping your operating systems, applications and web browsers patched and up to date is imperative. Had enterprises simply installed the MS17-010 update on their non-supported Windows devices, they could have escaped the damage that WannaCry inflicted on so many networks with legacy Windows devices. There is a reason why vendors regularly release patches and updates for their customers. New zero-day vulnerabilities are continually being discovered, forcing developers to release patches to combat them as quickly as possible. Patching and updating is probably the most important routine task for any IT team.

3-2-1 Backup Model
Backing up your data is a critical part of protecting it. It is important to follow best practices when conducting regular backups to ensure that your backups can be properly restored if that fateful day ever comes. The 3-2-1 model simply translates into the following practice:

Retain 3 copies of your data
Utilise 2 types of media for them
Keep 1 copy offsite / offline at all times

Following this proven model will allow you to quickly restore corrupted or lost data in the event of drive failure, disaster, and of course, malware encryption.
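
The 3-2-1 rule above expressed as an inventory audit in Python. This is an added example, not part of the original post; the copy names, the sample data, and the choice to count only copies whose restore test matches a SHA-256 digest recorded at backup time are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class BackupCopy:
    name: str      # label for the copy (hypothetical names below)
    media: str     # e.g. "disk", "tape", "cloud"
    offsite: bool  # stored away from the primary site
    offline: bool  # not reachable over the network
    data: bytes    # bytes read back during a restore test

def audit_321(expected_sha256, copies):
    """Audit an inventory against 3-2-1, counting only copies that restore intact."""
    intact, failed = [], []
    for c in copies:
        ok = hashlib.sha256(c.data).hexdigest() == expected_sha256
        (intact if ok else failed).append(c)
    media = sorted({c.media for c in intact})
    isolated = [c.name for c in intact if c.offsite or c.offline]
    findings = []
    if len(intact) < 3:
        findings.append(f"intact copies: {len(intact)} (need 3)")
    if len(media) < 2:
        findings.append(f"media types: {len(media)} (need 2)")
    if not isolated:
        findings.append("no intact offsite/offline copy (need 1)")
    return {"compliant": not findings, "findings": findings,
            "failed_restore": [c.name for c in failed],
            "restore_from": isolated}

# Constructed sample data: a known-good file and what it looks like once encrypted.
GOOD = b"payroll-2017-08.db contents"
DIGEST = hashlib.sha256(GOOD).hexdigest()  # recorded when the backup was taken
ENCRYPTED = b"\x8f\x02\xd1constructed ciphertext"

def inventory(online_data):
    # Assumption: the inventory lists all three copies, production data included.
    # The two network-reachable copies share whatever state the network is in;
    # the tape in the offsite vault is untouched.
    return [BackupCopy("primary", "disk", False, False, online_data),
            BackupCopy("nas", "disk", False, False, online_data),
            BackupCopy("tape-vault", "tape", True, True, GOOD)]

if __name__ == "__main__":
    print(audit_321(DIGEST, inventory(GOOD)))       # healthy state
    print(audit_321(DIGEST, inventory(ENCRYPTED)))  # online copies encrypted
```

In the second run the two online copies fail the restore test and the audit names the offsite tape as the only copy to restore from.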