Friday, May 18, 2018

How to prevent a ransomware attack!


How does a ransomware infection occur?

  • Email messages that carry downloader trojans, which attempt to install ransomware
  • Websites hosting exploit kits that attempt use vulnerabilities in web browsers and other software to install ransomware

More recent ransomware have worm-like capabilities that enable them to spread to other computers in the network. For instance, Spora drops ransomware copies in network shares. 
  1. Keep clear inventories of all of your digital assets and their locations, so cyber criminals do not attack a system you are unaware of.
  2. Keep all software up to date, including operating systems and applications.
  3. Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
  4. Back up all information to a secure, offsite location.
  5. Segment your network: Don't place all data on one file share accessed by everyone in the company.
  6. Train staff on cyber security practices, emphasizing not opening attachments or links from unknown sources.
  7. Develop a communication strategy to inform employees if a virus reaches the company network.
  8. Before an attack happens, work with your board to determine if your company will plan to pay a ransom or launch an investigation.
  9. Perform a threat analysis in communication with vendors to go over the cyber security throughout the lifecycle of a particular device or application.
  10. Instruct information security teams to perform penetration testing to find any vulnerabilities.