The latest spate of ransomware attacks, affecting at least 2,000 organisations and individuals, has again drawn attention to the vulnerability of online systems to ransomware—a type of malicious software designed to encrypt your files and threaten to delete them, or completely lock you out by preventing access to your desktop, unless you pay a sum of money.
The main takeaway from the global ransomware attacks is that they could have been avoided—it’s estimated that more than 93 percent of organisations fail to deploy the technologies available to protect them from malicious attacks. Experts agree: there are steps you can take to ensure protection from ransomware.
1) Integrated strategy is key
As the cyber security threat grows in frequency and severity, IT professionals now spend 23 percent of their time on security. In order to get the job done, an IT security strategy must cover many different types of security technologies, all working together to achieve a level of protection that stands up to the challenges of today as well as those of the future. There is no silver bullet that can stop every malicious attack, which means a robust cyber security strategy must defend every point of entry, exit, movement and point of rest.
Deciding which anti-malware software is right for your company may take some research. If you lack the in-house skills to properly assess your risks and solutions, investigate the benefits of an IT outsourcer to keep your company safe from malicious attack.
Top five areas of protection currently include:
- Network Defenses - keeps hackers from infiltrating and navigating through corporate networks to steal critical data.
- End-Point Mobile Device Protection - prevents hackers from compromising individual devices.
- Data-In-Motion Defenses - includes protecting data while it’s being sent from one device to another.
- Data-At-Rest Defenses - includes protecting data when it’s stored in corporate databases.
- Analysis and Correlation Tools - monitors the flow of data through corporate networks and databases to find suspicious activity.
Top eight points to include in your cyber security strategy:
- Assess your risk.
- Set thresholds according to the level of incident impact and disruption.
- Plan triage so you know what should get attention first, how to cordon off and protect data, and how long a disruption is likely to last.
- Build flexibility into the plan so your company can respond in the best way.
- Identify which person will handle which role.
- Ensure legal and regulatory requirements regarding data breaches are met.
- Establish alternate systems so you can continue to do business without a particular system functioning.
- Run drill events based on different types of disasters.
2) Ensure software is up to date
In the recent ransomware attack on the NHS, hackers infiltrated the health service’s computer system and sabotaged as many as 40 hospitals. The attack was attributed largely to out-of-date software. What we can learn from this attack is that the more frequent your software updates, the less likely your data is to be lost to a malicious attack. Ensure that you implement admin rights for yourself only, or a limited number of users. The fewer people with admin rights, and therefore the ability to change or update software, the more effective your protection measures will be.
3) Backup data regularly
An important step in ransomware protection, and part of your RTO and RPO strategy, is the regular backup of all data. There are many options available, from cloud providers that enable access via servers, and data through internet connection, to on-premise backups that copy your data to a storage device located on-site that will backup your data both manually and automatically. Research the best options before committing to a particular system. Most hosting providers will allow you to determine a timeline best suited to your business and RPO strategy which will dictate time between data backups then backup automatically.
4) Email spam filters should be airtight
Spam manifests in many forms and increases the risk of exposure to malware for any business with multiple connected computing devices and associated users.
Ninety-three percent of all phishing emails are now ransomware. Phishing can take the form of an email that seems to have been sent from an official source, maybe a bank or partner organisation. The attachment included in the email infects the target computer when downloaded, and malware spreads across the network once embedded in the computer. For instance, a batch of ransomware phishing emails recently targeted HR teams who regularly receive unsolicited email from job applicants, and a sophisticated identity phishing campaign targeted Google's one billion users earlier this year.
Since spammers are continually inventing new techniques to trick your organisation’s filters, it’s best to customise businesses anti-spam software to take care of your specific needs so only approved emails make it to your mailbox.
5) Employee education is key to ransomware protection
Every ransomware protection plan should include employee training. Institutions dedicated to cyber security training can help you choose the programme that is right for your company’s needs.
Take the time to create an employee cyber security policy that can be communicated to, and followed by, every employee. Have regular, focused sessions with employees to explore different types of malicious attacks and regularly test their cyber security knowledge.
6) Consider outsourcing IT cyber security
By 2019, experts say there could be 1.5 million unfilled cybersecurity jobs. Given this skills scarcity, combined with the daunting task of keeping on top of the latest developments in malicious attacks, now might be the time to consider which security functions your company can outsource.
A managed security services provider (MSSP) can focus exclusively on security and ensure that your company gets the cybersecurity support it needs at all times.
Download the Cisco 2017 Annual Cybersecurity Report for security industry insights and key findings taken from threat intelligence and cybersecurity trends.