Firstly – what is Ransomware?
Ransomware is a type of malware from crypto virology that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called crypto viral extortion. It encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented crypto viral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies which are used for the ransoms, making tracing and prosecuting the perpetrators difficult.
Ransomware attacks are typically carried out using a Trojan disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, travelled automatically between computers without user interaction. For a more lengthy description of Ransomware – click here.
Assess your vulnerability’s risk potential and prioritise smartly
Understanding the risk brought on by each of the vulnerabilities is critical in your vulnerability management process. With risk-based vulnerability management in place, you can prioritise the vulnerabilities based on your severity level and plan your “clean-up” efforts wisely.
Patch vulnerabilities on time without leaving any security gaps
Identifying threats is one part and remediating them on time with relevant patches takes your vulnerability management game to the next level. Without timely remediation, you keep the gates open for attackers to invade your network. An integrated vulnerability and patch management suite might do wonders in strengthening your organisations security posture.
Check antivirus availability and ensure regular updates
Antivirus software acts as a security gate-keeper in each system, protects the network from viruses, and alerts any potential threats. It is also important that the antivirus software is updated on time to increase its effectiveness and ensuring it never runs out.
Monitor your endpoint activities closely
Endpoints are the major component of your IT infrastructure and the backbone of your business. Numerous activities occur within them every day and monitoring them continuously can help prevent security attacks. Providing cyber-security training and the dos and do nots can help strengthen your Endpoints knowledge and prevent a few attacks.
Set strong application and device controls
Allowing the use of any application or device in your network might invite unnecessary security breaches. Implement strong application and device controls in your network and instantly block the applications, USBs, and outer devices posing any security threats.
Configure strong password management policies
Easy passwords are a walk in the park for intruders. Allowing guessable passwords on your endpoints might not only allow attacks from outside but also paves the way for insider attacks. Set a firm password policy that insists users change their password frequently and use characters and numbers in their system password.
Harden system configurations and abide by security compliance
Various industry compliance schemes such as various ISO accreditations and PCI compliance enforce security controls for organisations. These controls harden system configurations and prevent attacks. Explore these accreditations or create your own security policies and implement them across your network.
Contact us today for your FREE security audit with no obligations! This will include phishing simulation, Network vulnerability scan, Internet security assessment and of course a report with recommendations once completed.