We’ve seen a noticeable resurgence in ransomware attacks over the past several months. Baltimore and two cities in Florida recently fell victim to large-scale ransomware attacks. Baltimore ended up spending millions cleaning up their networks, while Riviera Beach and Lake City, FL, had to pay $600,000 and $500,000, respectively, to unlock their data. These attacks are a reminder that anyone can be the target of a ransomware attack.
What strategies does your organization have in place to defend against ransomware? If you don’t have a concrete answer to this question, this post will explore some of the fundamental strategies you can implement to protect your network from ransomware at every level.
Backing up your network data to protect against ransomware should go without saying, but we’ll say it anyway. Most important, however, ransomware often encrypts all network data, including backups, making network backups inaccessible for restoration. That’s why it’s essential to back up data to an external drive or use a cloud backup service that’s only connected to your network while performing the backup.
Prioritizing redundant network backups that remain isolated from core network operations is a fundamental first step to defending against ransomware attacks. If you always have a recent, unencrypted backup of your network data, you’ll never have to worry about losing it to ransomware.
Filter Out Executables
If you’re using a gateway mail scanner with the ability to filter out emails containing specific files, you should consider filtering out emails containing .EXE files. There’s rarely a justifiable reason for sending executables via email (it’s much more efficient to share executables via a flash drive or a cloud drive anyway), and if you receive an email from a suspicious sender with an .EXE attached, chances are it’s malware of one form or another and possibly even ransomware. Filtering out emails containing executables significantly reduces the risk of an employee clicking on a malicious .EXE attachment without thinking and compromising your network data.
Disable Remote Desktop Protocol
Cybercriminals have been exploiting machines using Remote Desktop Protocol (RDP), a built-in Windows tool that lets others access and control a computer remotely. While there are legitimate uses for RDP, including remote IT troubleshooting services, consider disabling it if your team doesn’t rely on it for day-to-day operations. This prevents cybercriminals from remotely accessing a device on your network and decrypting data.
Use a Robust Security Suite
If you aren’t already doing so, installing anti-malware software on all the computers on your network can help identify, contain, and remediate potential threats before data is compromised. While they’re not foolproof, they can help catch malware that may turn out to be a latent ransomware threat. If you want to take your security suite to the next level, consider partnering with a managed service provider for around-the-clock network monitoring to detect suspicious activity.
Prioritize Updates and Patches
Make sure you’re regularly updating and patching all the software on network devices. Cybercriminals often target and exploit devices using outdated software with known security vulnerabilities. Outdated software frequently offers cybercriminals backdoor access to your network, so simply updating software can help protect your network by patching over known security vulnerabilities.
Worst Case: Disconnect!
We’ll use this last tip to offer a simple suggestion on what you should do if you suspect your computer has been infected with ransomware. If you accidentally opened an .EXE or downloaded a suspicious file you realize may have been malware, disconnect your computer from all network cables and the power source immediately. While some damage may have been done, you can drastically mitigate that damage merely by disconnecting your device from the network. It takes some time to encrypt all the files on a network, so disconnecting a compromised device as soon as possible may curb some damage and is a better alternative than doing nothing.
The Los Angeles Cybersecurity Experts
If you’re ready to start taking a proactive approach to protecting your network from ransomware attacks, contact the cybersecurity experts at Be Structured today. Our team leverages the latest cybersecurity strategies such as vulnerability and penetration testing to unearth any potential security loopholes. We’ll work with you to pinpoint industry-specific threats and develop a customized cybersecurity platform that protects your network at every level while defending against the latest threats.