Ransomware Safeguards
Posted September 2020
Ransomware Safeguards:
Servers are the backbone of businesses. Business-critical systems run on them, they also process and store a huge amount of sensitive company and client data. They are an organized online attacker’s most sought-after and prized target. Their weapons of choice? Spyware and ransomware.
Recently you may have heard about the fitness brand Garmin paid millions of dollars in ransom after a cyberattack took many of its products and services offline. The payment was made in order for Garmin to recover data held hostage as a result of the attack.
In our own industry, Canon, Xerox, and Konica Minolta have been hit with ransomware attacks. We have seen time and time again where hacker groups encrypt sensitive files and shake down the organization for money. Unfortunately, there is a long list of large companies that are popular targets alongside hospitals and local governments. Bigger companies make attractive ransomware targets for obvious reasons. But ransomware attackers are also opportunistic, and a poorly secured healthcare system or city—neither of which can tolerate prolonged downtime—has long offered better odds for a payday than corporations that can afford to lock things down.
Here are some safeguards to put in place:
Implement security awareness programs to educate employees on how ransomware is being deployed and how to avoid spear-phishing attacks. Individual users can assist greatly by being aware of the potential for unsafe attachments, but should also be wary of clicking any email links received in any communication, as criminals are increasingly utilizing URL links rather than file-based attachments to infect networks.
Basic actions like updating anti-virus and anti-malware software with the latest signatures as well as regular scans are also a necessity at this point.
Create an application whitelist allowing only specific programs to run on a computer, including the disabling of macro scripts from Microsoft Office files transmitted over email.
Organizations need to back up data regularly to a nonconnected environment and verify the integrity of those backups regularly.
Non-networked backups and a fallback email and archiving process need to become standard security measures if organizations are to significantly mitigate ransomware threats.
It is important to stay abreast of this constantly evolving subject in order to protect your organization from cyberattacks. If you don’t have the time or resources to do this, TGI is here to help. We stay vigilant for you. Preparation and prevention are the most critical steps to take. Reach out to TGI’s IT team today to see how we can help you prepare.