IN-HOUSE PREVENTION

Ransomware: How to protect your company against attacks

30 May 2022

Ransomware is one of the most potent threats to modern business, targeting organizations both large and small. To conclude our series exploring the various techniques used by cybercriminals to drop ransomware on corporate networks, we'll explore what organizations can do to ensure they can mitigate the risk.


Read more articles from the series:

PART 1: Ransomware: What SMBs should know 

PART 2: Ransomware: The many dangers of Remote Desktop Protocol

PART 3: Ransomware: How to provide a valuable layer of protection to email

PART 4: Ransomware: The need to protect the weakest link, your supply chain

PART 5: Ransomware: A game of cat and mouse


 

Education

It is vital to educate staff on the attack vectors cybercriminals use to get ransomware onto the network. There's a reason they continue to use malicious links and infected attachments within emails: because it works.

 

Share the knowledge and get teams to undertake regular Cybersecurity Awareness Training. Employees who recognize phishing, avoid online scams and understand the techniques cybercriminals use add a vital layer of protection for the business.

 

Make it clear that staff should report suspicious messages and attachments right away. Early warnings can help an organization tweak its spam and content filters and bolster its firewalls and other defenses.

 

Make sure you have a plan in place in case a threat is reported, and that you can execute it when necessary. 

 

Segmentation

To maximize its impact, ransomware is designed to spread to as many machines on your network as possible. Therefore, limiting the number of machines that an attacker can reach from a single entry point means you can limit the damage.

 

There are several approaches to implementing such a strategy, but the most common is network segmentation. This is particularly relevant in the cloud, where low cost and the relative ease with which new servers can be provisioned make it a fertile hunting ground for cybercriminals. Whether on-premises or in the cloud, make sure every part of the network is properly authorized and securely configured.

 

Patching

You need to stay ahead of the bad guys. Timely patching of applications and operating systems closes off potential avenues of attack. Plus, even if a ransomware attack does manage to penetrate your network, patching can reduce the damage caused. However, it can be more complicated than it sounds. It is always recommended to thoroughly test patches before they are deployed.

 

An intelligent, multi-platform patch management solution is highly recommended. It provides businesses with complete visibility over their systems, enables them to fix vulnerabilities before they are actively exploited and lets their teams know what to patch and how.

 

Back up data

Today, there is more data to be backed up than ever before. The volume of data created, captured, copied and consumed worldwide is expected to reach 181 zettabytes by 2025. A properly managed backup and recovery program provides a safety net for organizations and is crucial for recovery efforts should ransomware strike.

 

An all-in approach is needed, though. Unless the backup strategy is comprehensive, there is always a chance that the purveyors of ransomware will find that one device that was not backed up. Backing up data and system state on all endpoints, servers, mailboxes, network drives, mobile devices and virtual machines is crucial. When backing up data, organizations shouldn’t underestimate the usefulness of write-once media. Files stored on media that is not rewritable are immune from the predations of ransomware.

 

Comprehensive protection

To best protect yourself against the scourge of ransomware, ensuring you have a comprehensive cybersecurity strategy is vital. It is important to implement the latest patches, back up your data, segment your network and educate users. All of this should then be underpinned by implementing a robust, award-winning security solution.

 

Banner referring to ESET PROTECT Advanced security solution

Read also

Cyber-aware culture Interview with Daniel Chromek

Want to Build a Cyber-Aware Culture? Find a Way to Pass on Knowledge Without Scaring Employees

Cybersecurity education could be compared to taking an exam. You learn something to prepare for the test, but if you don't use that knowledge again for a long time, you forget it. This is often the case with cybersecurity training for employees, which takes place once or twice a year. Education should be an ongoing process for best results.

ransomware-latest-trends-eset

How Menacing Are the Latest Trends in Ransomware?

Ransomware is one of the most common cyberthreats to small and medium-sized businesses. Despite the fact that you are already aware of the damage that ransomware can cause, the cybercriminals behind such attacks show persistent effort to discover any weakness in your defenses. Attacks against databases, web servers and smartphones are on the rise.

Data backups and recovery_cover photo

Data backups & recovery: How can they save your business?

Why back up data if I've never lost any? Greg Bak, product development manager at data protection, backup and disaster recovery software vendor Xopero, often hears this question from businesses. "But the query should be put differently," Bak said. "Business owners should rather ask: If someone takes away my computer right now, would I be able to continue working and guarantee business continuity?" Many companies don't realize how dependent on digital data they actually are. Here are some of the insights he's shared to help you recognize the importance of regular data backups.

How to Improve Cybersecurity Awareness

How Can You Improve Cybersecurity? Keep All Employees in the Loop

Building a cyber-aware culture should be a part of a long-term IT security strategy – in any company. In reality, however, companies often do not go beyond some form of basic cybersecurity training for employees. Of course, it's not possible to build such a culture in a day. But where should you start?

Ransomware series part1_cover

Ransomware: What SMBs should know

Ransomware is one of the biggest threats to businesses today, and with new attacks hitting the news on a daily basis, the risk can seem overwhelming. But what actually is ransomware, and how can businesses protect themselves? In this series, we will take an in-depth look at ransomware, highlighting specific methods of attack such as email compromise, vulnerabilities and the Remote Desktop Protocol, delving into supply chain attacks, and giving advice on how businesses can mitigate the risk .

Ransomware series part2_cover

Ransomware: The many dangers of Remote Desktop Protocol

In the first part of this series, we gave a basic overview of ransomware and how it works. Now, we are delving deeper into the specific ways in which ransomware operators infiltrate your systems, starting with Remote Desktop Protocol.

Ransomware series part4_cover

Ransomware: The need to protect the weakest link, your supply chain

So far in our ransomware series, we have looked at the basics of ransomware, Remote Desktop Protocol and email compromises. In this blog, we take a look at how businesses can be attacked through their supply chains.

Ransomware series part3_cover

Ransomware: How to provide a valuable layer of protection to email

As we discussed in our blog exploring Remote Desktop Protocol, ransomware is on the rise, and has been exacerbated by the current work-from-home trend. While the bad guys use many attack vectors to attempt to infiltrate your systems and plant ransomware, the most popular – by far – remains email.

Ransomware series part5_cover

Ransomware: A game of cat and mouse

In previous blogs we focused on how cybercriminals utilize vulnerabilities in Remote Desktop Protocol (RDP), email and supply chains to drop ransomware onto an organization’s systems. Although these are popular methods, they are by no means the only techniques used by those with malicious intent.