Almost every company today is at risk from cyber-attacks. However, taking the proper steps can prevent a ransomware attack and data loss.
The latest victims of ransomware, such as Media Markt / Saturn, the medical service provider Medatixx or the US broker Robinhood, show the range of goals of the attackers: Ultimately, every industry and every company is at risk. But even if a ransomware attack seems like an inevitable evil, there are several measures that companies can take to prevent an attack and data loss within your organization. Guest author Michael Scheffler from Varonis Systems explains what needs to be considered and gives essential tips.
Table of Contents
Ransomware Attack: Raise Awareness Among Your Employees
Use security training in your company to give your employees a better understanding of cybersecurity and what it means. Carrying out these training courses contributes to establishing a security culture and making the company more resistant to cyber-attacks.
Reduce Your Explosion Radius
This equates to the damage that could be caused by compromising any single user or device. The fewer permissions each account has, the smaller the explosion radius. Therefore, it is of the utmost importance to restrict access, especially to critical data, to those who need it for their work.
Use Email And Endpoint Protection
Scan all emails and filter out malicious attachments and links. Always keep firewalls and security software up-to-date with the latest malware signatures. It is also helpful to mark emails that come from outside your network especially. Implement a zero-trust security model: assume that your protection system will be breached and ensure everything within your perimeter is safe and secure. With the zero-trust approach, the credentials of every user and every device are checked each time a resource is accessed inside or outside the network.
Ransomware Attack: Detect Abnormal Behavior
Thanks to the intelligent analysis of user and entity behavior (UEBA), unusual behavior of users and devices can be identified and automatically stopped before significant damage occurs.
Strengthen Your Password System Against A Ransomware Attack
Password security is critical to protecting your assets, such as sensitive company data. Use two-factor authentication in your company to prevent the sharing of passwords and the repeated use of the same password. A single sign-on system can also contribute to additional security.
Create Immutable Offsite Backups
Make sure you have backup copies of all critical or sensitive data and systems. Train your recovery measures in case a ransomware attack occurs. Limit access to backups as ransomware attackers often target backup files to limit the ability to restore them. However, it should be noted that backups do not offer any protection in the case of double extortion ransomware, in which necessary data is first exfiltrated before encryption. Therefore, solutions should be in use that can detect and stop data theft.
But even if a ransomware attack seems like an inevitable evil, there are several measures that companies can take to prevent an attack and data loss within your organization. It is also helpful to mark emails that come from outside your network especially. Implement a zero-trust security model: assume that your protection system will be breached and ensure everything within your perimeter is safe and secure.
Also Read: Protect Your Data From Ransomware Attacks