Preventing Ransomware Attacks

Uploaded on 2021-06-01 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW

Malicious software that uses encryption to hold data for ransom has become wildly successful over the last few years. The purpose of this software is to extort money from the victims with promises of restoring encrypted data. Ransomware is malware that encrypts a computer system’s data and demands payment to restore access. 
 
Paying the ransom does not guarantee you will get the private key to restore your data. Instead, protect your files by using protective measures in your day-to-day operations. In case of an attack, you can return files to their original state.
 
Ransomware is like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it. The chances of infection can be significantly reduced both by security software and by paying sufficient attention. By using anti-ransomware, you can avoid a situation in which you have to pay horrendous sums for the possible release of your data. 

Security recommendations For Dealing With   Ransomware.

  • Do not pay the ransom:  It only encourages and funds these attackers. Even if the ransom is paid, there is no guarantee that you will be able to regain access to your files.
  • Restore any impacted files from a known good backup:   Always back up your data. Restoration of your files from a backup is the fastest way to regain access to your data.
  • Do not provide personal information when answering an email, unsolicited phone call, text or other message:  Phishers will try to trick employees as well as individuals into installing malware, or gain intelligence for attacks by claiming to be from IT or a reputable business. Never give out your personal information to unsolicited people.
 
For organisations to be secure and protected against ransomware attacks and to help with recovery from if they do happen, the US National Institute of Standards and Technology (NIST) has published a series of tactics. NIST’s advice includes:  
 
  • Use antivirus software at all times.
  • Keep all computers fully patched with security updates.
  • Use security products or services that block access to known ransomware sites on the internet.
  • Configure operating systems or use third-party software to allow only authorised applications to run on computers, thus preventing ransomware from working.
  • Restrict or prohibit use of personally owned devices on your organisation’s networks and for telework or remote access unless you’re taking extra steps to assure security.
NIST also advises users to follow these tips for their work computers:  
 
  • Use standard user accounts instead of accounts with administrative privileges whenever possible.
  • Avoid using personal applications and websites, such as email, chat and social media, on work computers.
  • Avoid opening files, clicking on links, etc. from unknown sources without first checking them for suspicious content. For example, you can run an antivirus scan on a file, and inspect links carefully.
In case of an attack, NIST recommends that organisations follow these steps to accelerate their recovery: 
 
  • Develop and implement an incident recovery plan with defined roles and strategies for decision making.
  • Carefully plan, implement and test a data backup and restoration strategy.
  • Maintain an up-to-date list of internal and external contacts for ransomware attacks, including law enforcement. 
The best way to recover from ransomware is to restore data from a backup. Backups bypass the ransom demand by restoring data from a source other than the encrypted files.
 
Hackers know this, so they develop ransomware that scans the network for backup files. After restoring from a backup, you still must remove the ransomware from the network. An effective way to stop malware from encrypting backup files is to keep a copy of your backups offsite. Cloud backups are the typical choice for businesses that need an offsite backup solution. Using cloud backups, you keep a copy of your files safe from ransomware and other cyber security threats.
 
NIST:     NCSC:       NCSC:        Kaspersky:       Norton:         Trend Micro:      Thales:       I-HLS:    Image: Unsplash
 
You Might Also Read: 
 
Will Governments Ban Ransom Payments To Hackers?:
 
« Denmark Helped NSA Spy On European Union
Cyber Security: Its Good To Talk »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

Detectify

Detectify

Detectify is a web security service that simulates automated hacker attacks on your website, detecting critical security issues before real hackers do.

Aptive Consulting

Aptive Consulting

Aptive is a cyber security consultancy providing Penetration Testing and Vulnerability Assessment services.

Norton Rose Fulbright

Norton Rose Fulbright

Norton Rose Fulbright is a global business law firm. Practice areas include Data protection, Privacy and Cybersecurity.

AVR International

AVR International

AVR educate, advise, analyse and provide professional, technical consultancy and support to ensure your business is safe, compliant and protected.

Green Hills Software

Green Hills Software

Green Hills Software is the largest independent vendor of embedded secure software solutions for applications including the Internet of Things.

VTT Technical Research Centre of Finland

VTT Technical Research Centre of Finland

VTT is the leading research and technology company in the Nordic countries. Areas of activity include cyber security.

Digital Infrastructure Association (DINL)

Digital Infrastructure Association (DINL)

DINL is the leading representative for companies and organisations which are active within the Dutch digital infrastructure sector.

Appdome

Appdome

Appdome is the industry's first mobile integration as a service company, providing solutions for enterprise mobility and mobile application security.

Jamcracker

Jamcracker

Jamcracker is a cloud services management and cloud governance solutions company, with more than a decade of experience providing industry leading software and services.

FFRI Security

FFRI Security

FFRI is committed to research and development of preventing the most advanced cyber-attacks and breaches.

RangeForce

RangeForce

RangeForce delivers the only integrated cybersecurity simulation and skills analysis platform that combines a virtual cyber range with hand-on training.

LevelOps

LevelOps

LevelOps is an industry application security platform that tracks and develops your application security.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

VulnCheck

VulnCheck

VulnCheck helps organizations outpace adversaries with vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Quantum Security Services

Quantum Security Services

Quantum Security Services is a specialist information security firm providing a range of risk, compliance and technical security services.

VicOne

VicOne

With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry.