EIBIK.COM


    Steps for Ransomware Protection

    By EIBIK | 6th June 2023 | Updated: 6th June 2023 | Technology | 6 Mins Read

    Here are things you can do right now to shore up your defenses and help your recovery when you get hit.

    Just the thought of ransomware is enough to keep CISOs and security teams up at night. Victims are caught in an awful choice between paying a ransom to a criminal who may or may not release their captured network and data, or potentially spending millions of dollars to remove the ransomware on their own. According to one recent report, the cost for a single ransomware incident averages about $713,000 when you figure in the costs of paying the ransom along with related losses, such as downtime, the value of any lost data or hardware, the expense of improving your infrastructure, and the time and money required to repair your brand image. This number can also increase exponentially the longer that critical systems remain offline.

    And, those costs are likely to rise. In a recent attack this year, for example, attackers demanded a payment of 13 Bitcoin (over $75,000) for each computer affected by the attack so users could regain access to their files – far above the normal ransom demand, which previously was just under $13,000.

    Table of Contents

    • You Do Not Have to Be a Victim
    • Ten Things You Can Do Right Now
    • Pass This Along

    You Do Not Have to Be a Victim

    Because of the financial success of ransomware, it continues to attract cybercriminals, who either launch large-scale attacks that seek to suck in careless victims or who carefully plan highly focused attacks aimed at specific targets that are most likely to pay up. Even less technical criminals are jumping on the bandwagon through a growing number of ransomware-as-a-service portals available on the Dark Web.

    Regardless of the approach, however, in today’s digital world, a ransomware attack is more an issue of when than if.

    Regardless of how bleak this news may seem, organizations actually have a way to effectively defend themselves against ransomware. It starts by using some best practices to prevent as many attacks as possible and then taking appropriate precautions so that the impact of any successful attack is minimized.

    Ten Things You Can Do Right Now

    Here, then, are 10 critical steps every organization needs to consider as part of their anti-ransomware strategy:

    1. Map your attack surface. You can’t protect what you don’t know needs to be protected. Start by identifying all of the systems, devices and services in your environment that you rely on to conduct business, and maintain an active inventory. This process not only helps you identify your most vulnerable targets but should also help you map out your system’s baseline for recovery.
    2. Patch and upgrade your vulnerable devices. Establishing and maintaining a regular patching and upgrading protocol is just a basic best practice. Unfortunately, far too many organizations simply don’t do it. Of course, not every system can be taken offline for patching or upgrading. Those systems need to either be replaced (where possible) or protected using strict proximity controls and some sort of isolation or zero-trust strategy.
    3. Update your security systems. In addition to updating your networked devices, you also need to ensure that all of your security solutions are running their latest updates. This is especially crucial for your secure email gateway (SEG) solution. Most ransomware enters an organization via email, and a SEG solution should be able to identify and remove malicious attachments and links before they are delivered to their recipient. Likewise, an effective web filtering solution that leverages machine learning ought to be able to effectively stop phishing attacks. In addition, your security strategy needs to include things like application whitelists, the mapping and limiting of privileges, implementing zero trust between critical systems, enforcing strong password policies and requiring the use of multifactor authentication.
    4. Segment your network. Network segmentation ensures that compromised systems and malware are contained to a specific segment of the network. This includes isolating your intellectual property and sequestering the personal identifying information of employees and customers. Likewise, keep critical services (like emergency services or physical resources such as HVAC systems) on a separate, segregated network.
    5. Secure your extended network. Ensure that security solutions deployed on your core network are replicated in your extended network – including operational technology (OT) networks, cloud environments and branch offices – to prevent security gaps. Also take time to review any connections from other organizations (customers, partners, vendors) that touch your network. Make sure those connections are hardened and that appropriate security and filtering are in place. Next, alert those partners to any issues you may discover, especially related to the possibility of malicious content being shared or spread through those connections.
    6. Isolate your recovery systems and back up your data. You need to perform regular data and system backups and, just as critically, store those backups off-network so they are not compromised in the event of a breach. Organizations should also scan those backups for evidence of malware. You also need to ensure that any systems, devices and software required for a full system recovery are isolated away from the network so they are fully available should you need to recover from a successful attack.
    7. Run recovery drills. Regular recovery drills ensure that your backed-up data is readily available, that all required resources can be restored and that all systems operate as expected. They also ensure that chains of command are in place and that all individuals and teams understand their responsibilities. Any issues raised during a drill need to be addressed and documented.
    8. Leverage outside experts. Establish a list of trusted experts and consultants who can be contacted in the event of a compromise to assist you through the recovery process. When possible, you should also involve them in your recovery drills. NOTE: Organizations should also immediately report any ransomware event to CISA, a local FBI Field Office or a Secret Service Field Office.
    9. Pay attention to ransomware events. Stay abreast of the latest ransomware news by subscribing to threat intelligence and news feeds, make it a habit for your team to learn how and why systems were compromised, and then apply those lessons to your own environment.
    10. Educate employees. Rather than being the weakest link in your security chain, your employees need to be your first line of cyber defense. Because ransomware usually starts with a phishing campaign, it is imperative that you educate them in the latest tactics cybercriminals are using to trick them – whether they target corporate, personal or mobile devices. In addition to the sort of regular, annual security reviews most employees are required to participate in, consider a regular cadence of awareness campaigns. Quick 30- to 60-second video updates, phishing simulation games, email messages from the executive staff and informative posters help maintain awareness. In addition, running your own internal phishing campaigns can help identify employees who may need additional training.

    Pass This Along

    When it comes to cybercrime, we are all in this together. Ensure that you have regular meetings with industry peers, consultants and business partners – especially those essential to your business operations – to share these strategies and encourage their adoption. This will not only ensure they don’t spread ransomware infection up- or downstream, creating liability for themselves and you, but also help protect your organization, since any disruption of their network will likely have a cascading impact on your business.
