Ransomware is a type of malware that encrypts a victim’s files and demands a ransom to decrypt them. Often deployed as part of a sophisticated multi-strategy attack involving phishing and fake ads, ransomware can quickly bring a large organization’s operations to a screeching halt.
One notorious ransomware attack involved a Trojan called WannaCry. First discovered in May 2017, it spread exponentially, infecting over 230,000 computers worldwide, including those of large organizations like FedEx, Honda, Renault, and Britain’s National Health Service (NHS).
Today, ransomware attacks are increasingly commonplace and affect companies across multiple industries. Attackers demand significant amounts per computer, which can add up to a hefty sum when multiplied across hundreds of computers. Given this heightened threat and the cost of an attack, mitigating the risk of ransomware should be a priority for business leaders and corporate IT professionals.
In this post, we share six crucial steps to avert a potential ransomware attack.
6 Steps to Mitigate the Risk of Ransomware Attacks
- Antivirus and Operating System (OS) Updates
Although some ransomware payloads can evade antivirus software, most are detectable and stoppable. Maintaining the latest antivirus version on all network machines ensures that its threat database has the newest data on emerging threats. Similarly, updating every device’s OS ensures it has the latest security patches for known vulnerabilities, loopholes that attackers can use to launch zero-day-exploit-based ransomware attacks.
- Browser Ad Blockers and Internet Filters
Employees who click on malicious web ads can trigger the download and installation of a ransomware payload that propagates across the network. Installing an ad blocker can resolve this issue by blocking all ads as employees browse. If your team needs to see the ads (for instance, for marketing benchmarking reasons), most ad blockers are configurable to enable ads on selected websites.
- Configure Cloud Backup Folders
Cloud backup solutions like OneDrive can be used to configure a cloud folder that syncs all files to the cloud in real time. They use sophisticated tools that prevent files from being encrypted by a ransomware attack while in that folder. Since ransomware attacks rely on infiltrating and manipulating a computer’s local commands, cloud-based files seal this loophole because they are not tied to local computing architecture.
- Deploy Multiple Protection Layers
Combining multiple security layers like firewalls, antivirus software, ad blockers, cloud backups, and web filters can make it more difficult for an attacker to deploy their payload to the network. Most successful attacks occur when the malware only needs to contend with a single layer of protection, something attackers can easily train the malware to sidestep.
- Institute the Principle of Least Privilege
Malware payloads execute at the same privilege level as the logged-in account. For corporate user accounts, the best way to reduce the risk of a ransomware attack is to leverage the principle of least privilege (PoLP). Using this method will ensure non-essential access rights are abstracted and only core IT personnel have access to full-access admin accounts. Even so, such admin accounts must also have some level of abstraction to eliminate a single point of failure.
- Enforce Email Policies
Employees probably know not to click on links in unsolicited emails. However, without enforcement, this rule is often ignored for the sake of convenience or entertainment. Maintaining corporate email best practices through hard-coded policies and systems can serve as a strong defense against ransomware attacks. One example is using a corporate email security gateway that scans links and attachments and filters spam, preempting any risky actions employees may take.
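To put a number on the least-privilege step above (a payload runs with the rights of the logged-in account), the following added example, which is not part of the original post, counts how many files under a shared folder a given account could modify. It assumes POSIX mode bits only (no ACLs); the function names, sample file names and the offset uid are constructed for illustration.

```python
import os
import stat
import tempfile


def can_write(st, uid, gids):
    """POSIX mode-bit check: could this uid / group set modify the file?"""
    if uid == 0:
        return True  # root bypasses mode bits
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def exposure(root, uid, gids):
    """Return (modifiable file paths, total regular files) under root."""
    writable, total = [], 0
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets, devices
            total += 1
            if can_write(st, uid, gids):
                writable.append(path)
    return sorted(writable), total


def build_sample_share():
    """Constructed sample tree: one file per permission pattern."""
    root = tempfile.mkdtemp(prefix="share-")
    modes = {"own.doc": 0o600, "team.xls": 0o664,
             "public.txt": 0o666, "readonly.pdf": 0o444}
    for name, mode in modes.items():
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(path, mode)
    return root


if __name__ == "__main__":
    share = build_sample_share()
    me = os.lstat(share)
    for uid in (me.st_uid, me.st_uid + 12345):  # owner vs. unrelated uid
        hit, total = exposure(share, uid, set())
        print(f"uid {uid}: {len(hit)}/{total} files modifiable")
```

Running it against a real share for an ordinary user and for an admin account shows how much more data is within reach when the compromised session belongs to an over-privileged account.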
Last Words
Any company can fall victim to a ransomware attack – it only takes a highly motivated attacker and a lapse in security protocols. However, implementing and enforcing the steps above can make an attacker’s work significantly harder, making it less likely that a malware attack will be successful.
Author’s bio
Ashley Lukehart – Ashley has been writing about the impact of technology and IT security on businesses since starting Parachute in 2005. Her goal has always been to provide factual information and an experienced viewpoint so that business leaders are empowered to make the right IT decisions for their organizations. By offering both the upsides and downsides to every IT solution and consideration, expectations are managed, and the transparency yields better results.