What is Ransomware protection?
Author: Alon Josefsberg, Trustmarque cyber security pre-sales consultant
The effects of a ransomware attack, like any other cyber attack, can be devastating and have far reaching consequences than just financial. And like any other cyber attack ransomware can be defended against, with the right investment. Here will talk about ways to protect your organisation against it. But first…
What is ransomware?
Ransomware is a type of malware that prevents you from accessing your device and systems and the data stored within. This is usually done by encrypting your files. Criminals will then demand a ransom in exchange for decryption. The computer itself may become locked, or the data on it might be encrypted, stolen or deleted. The attackers may also threaten to leak the data they steal.
Q: How to protect your network, devices and apps from a ransomware attack?
A: Prevent malware from getting in and spreading.
Email is a common way of entry into organisations. Phishing emails encourage the recipient to click a link or reveal login credentials. Reputation-based software and machine learning detection helps you efficiently catch these attacks. As does having well trained users who know how to spot tell tale signs of phishing emails.
Web filtering blocks certain known URLs and stops users from viewing them. Web filtering software determines site and content quality by consulting a constantly updated URL database that identifies website domains associated with hosting malware, phishing, viruses or malicious activities.
Identity and Access Management (IAM) secures your data and systems by letting you control who is authenticated to sign in and has authorised permissions to use tools and resources.
Detecting lateral movement within your network after a hacker gains initial access. They then move undetected further into your organisation and go on to compromise your environment further.
Ensure your line of defence
Endpoint security secures you end-user devices – desktops, laptops, and mobile devices. Endpoints by use and design are access points your network. However, they also entry points that can be exploited. Through encryption and application control, endpoint security software controls and secures devices accessing your network and monitors and blocks unsafe activities.
Patching or virtually patching is good practice and using a multilayer approach protects against threats that exploit known and unknown vulnerabilities. Patching stops vulnerabilities and exploits at the network level and not the end-point software solutions.
Cyber awareness training for your users teaches your users how to identify, prevent and respond to cyber threats. It can usually be done online and be incorporated into your company’s annual employee mandatory training. Here are some top tips for staff from NCSC.
Backing up your data is essential in the event of an attack. Regular backups ensure you can restore your systems and minimise disruption to your services. You also need to take steps to ensure that your backup solutions are secure too and include them in your security strategy.
Getting the right ransomware protection
As with any other cyber security solution, getting the right fit for you can be difficult. At Trustmarque we work with many different providers and can help you to choose which services and solutions will meet your requirements and compliance needs.
Whatever security you have in place right now we can help you prevent, protect, and recover from ransomware. To get started talk to us and arrange a call for a ransomware workshop with a Trustmarque cyber security expert.
Author: Alon Josefsberg, Trustmarque cyber security pre-sales consultant
