Active Defence Strategies Against Ransomware

As of late not a day has gone by where a reported ransomware attack hasn’t cropped up in the news. This is most likely, in part, as a result of the pandemic and with victims desperate to get their data back, attackers are often successful in gaining exactly what they demand. Many companies already take measures to protect their cloud data and on premises infrastructure but is that enough? Let's talk about some of the ways in which you can help your company prevent ransomware attacks. 

Cyber Security Auditing 

The shortest path to protection is understanding where exactly your vulnerabilities lie, start thinking like a hacker and asking, how can I find my way into the system? 

The two main types of vulnerabilities are compromised login credentials and IT infrastructure vulnerabilities. It is unlikely that a company’s own security team will admit to their own vulnerabilities so it is always best to have an independent third party carry out a thorough cyber security audit. Organisations that carry out these audits will use the latest threat intelligence technologies to analyse your security posture and formulate a security plan to put in place. 

Install Content Scanning/Filtering on Email Servers 

Emails being received should be scanned for known threats and any suspicious links or downloads sent from an untrustworthy email should be blocked. Attachments that you aren’t expecting could pose a serious threat. 

Back-up Files 

Backing Up important data is the single most effective way of recovering from a ransomware attack. Your backup files should be stored offline and out of band so they can’t be targeted by hackers. Using a cloud server may be helpful as many retain previous versions of files allowing you to go back to an unencrypted version. 

Incident Response Planning and Policy 

Your company needs an incident response plan in order to know what the procedures are when faced with a cyber threat of any kind. Should a ransomware attack take place an Incident Response Plan will allow your IT team to know what to do during the event. The plan should consist of defined roles and communications to be shared during an attack and also a list of contacts such as any partners or vendors that need to be notified. You should also consider having companywide policies such as outlining what employees should do if they receive say a suspicious email, this could be as simple as forwarding it to the IT security team.  

Cyber Security Awareness Training 

Understanding where a risk might lie is an active part of cyber security threat detection. Training your employees is key to stopping ransomware in its tracks. When an employee can spot and avoid malicious emails, everybody is playing a part in protecting the organisation from breaches and not letting the responsibility fall solely on the IT team. 

Intrusion Detection System (IDS) 

Implementing an IDS is a good idea because it can look for malicious activity by comparing network traffic logs to signatures that detect known malicious activity. A robust IDS will update signatures often and alert you should it detect suspicious activity. 

What can Securiwiser do for your Organisation? 

Securiwiser is a robust monitoring tool that will evaluate the cyber security posture of your company by scanning your devices, networks, website and systems in order to ensure they are free of unauthorised activity. Securiwiser runs continuously for twenty-four hours and should any suspicious activity occur you will be notified immediately and a detailed report will be sent to you, outlining the problem. You will also receive grades based on how well each aspect of your security is performing so you will always know what needs improvement and attention.