Cybersecurity Awareness Month – Ransomware Victims Growing

Ransomware is becoming more sophisticated and dangerous

Years ago, ransomware protection came down to building a strong 3-2-1 backup plan and verifying your backups with the occasional restore. However, modern ransomware has evolved to exfiltrate your data in addition to encrypting it. Even if you have good backups, hackers know they can post your critical data online to force you to pay the ransom. Therefore, the only protection available today is prevention.

Prevention requires training and testing of your employees, including yourself. Learn how to identify and avoid phishing attacks, one of the main methods of infecting companies with ransomware. Remove local administrative rights to prevent a wrong click from introducing malware into your environment. Segment your network and restrict access to data stores and databases to prevent encryption and exfiltration of data that most users never need access to.

In addition to the ransomware protection measures above, follow CyberHoot’s top tips below. Scroll down for further reading and an important video tutorial.

CyberHoot Best Practices:
  1. Train your employees on the common attacks out there, from weak passwords and password managers to the importance of multi-factor authentication and how to spot phishing attacks. Awareness is the key to protecting your business.
  2. Control your employees with a cybersecurity policy, including acceptable use, password, information handling, and a written information security policy.
  3. Establish cybersecurity best practice processes, such as the Vulnerability Alert Management Process (VAMP) and the Cybersecurity Incident Management Process (CIMP), to guide and require action in response to an emergency. Then move on to the onboarding and offboarding processes, SaaS management processes and third-party risk management.
  4. Create strong technical defenses, including a firewall, anti-virus, anti-malware, anti-spam, multi-factor authentication on all critical accounts, full disk encryption, and careful key management. Most importantly, adopt a password manager, then train and require all employees to use it.
  5. Test employees on how to spot and avoid phishing attacks. CyberHoot has released a disruptive method of Phish Testing to fill your employees’ knowledge gaps without punishing them for failure. Instead we reward them for success. More information is available here.
  6. Back up your data by following our 3-2-1 backup methodology to ensure you can recover your business from a cyber security incident.
  7. In the modern age of working from home, make sure you manage personal devices that connect to your network by verifying their security (patching, antivirus, DNS protections) or completely banning their use.
  8. If you haven’t had a third-party risk assessment done in the last two years, you should do it now. Establishing a risk management framework in your organization is critical to addressing your most difficult risks with your finite time and money.
  9. Buy cyber insurance to protect you in the event of a catastrophic failure. Cyber insurance is no different than car, fire, flood or life insurance. It’s there when you need it most.

CyberHoot believes that for many SMBs and MSPs, you can greatly improve your defenses and the chances of not becoming another victim of a cyber attack if you follow the advice above.

We hope you are enjoying Cyber Security Awareness Month (CAM). Visit or sign up for CyberHoot’s Facebook, LinkedIn, or Twitter pages to receive daily updates throughout the month.
