What is ransomware? Ransomware is malware that blocks access to a system or device by encrypting sensitive information from the network endpoints and then asking for a ransom to decrypt or retrieve the data. The malware can also erase saved data from the system. It can be especially harmful when ransomware attacks impact hospitals and other critical infrastructures. The loss of information can particularly impact many beneficiaries other than the organization itself. Fighting against ransomware requires a holistic team effort that brings together an entire unit or organization. Below are ten ways that networks can be secured to limit the impact of ransomware.

1. Email security: Email is one of the most common ways for cybercriminals to deliver ransomware to targeted networks. A secure email gateway solution offers multilayer protection against the myriad of email-borne threats. Sandboxing is one technique wherein any email that passes the email filters and still contains malicious links or attachments can be tested before it reaches the targeted server and network. Additionally, web mail servers can be configured to block specific attachments with extensions like .exe, .vbs or .scr.
2. Using firewall technology: A WAF (Web Application Firewall) is software that protects web applications by filtering and monitoring HTTP traffic to and from a web service. It is a vital security layer as it acts as the first line of defence against potential cyberattacks. As organizations execute new initiatives in technology, they end up expanding the surfaces that can be attacked through malware. Application programming interfaces (APIs) can also be exposed to threats due to the webserver’s vulnerabilities. A WAF helps keep these applications and plugins secure and protected.
3. Maintaining data backup: Every organization and individual should be able to perform regular backups of all data and subsequently be tested to ensure that the same can easily be retrieved as well. Institutions involved with providing software solutions have recommended that data backup is one of the most effective ways to mitigate losses on account of ransomware. To stop malware from impacting backed-up files, it is advisable to save the backup offline instead of online. Cloud backups are efficient in keeping a copy of the files and protecting them from ransomware. Backups should also be routinely tested for efficacy, and in case of an attack, it should be ensured that the backed-up files are not infected before rolling them back into the system.
4. Strengthening endpoint protection: Conventional options such as using antivirus software may not always help, and as cybercrimes continue to evolve, they typically cannot keep up. Looking at the newer ways that cyberattacks occur, it can take seconds for network endpoints to be compromised. Organizations may use an endpoint discovery and response (EDR) solution and other latest technologies available in market. Traditional EDR tools are not enough because they require manual responses, making them slow and weak for the massive volume of cybersecurity alarms burdening the response teams. Next-generation EDR solutions deliver advanced and real-time threat intelligence, analysis, and management of endpoints before and after infection to protect against ransomware. They can detect and defuse potential threats and reduce the attack surface, helping automation of remediation procedures.
5. Time-to-time system updates: Software security patches can stop attackers from exploiting vulnerabilities in the system, browser, end point tools or other software programs. Firmware, anti-malware applications, anti-virus software, operating systems and third-party software must have the latest security patch installed. New ransomware versions also come out regularly, and software updates ensure that anti-malware features in the updated versions recognizes and overcomes these threats.
6. Protection of personal information: Cyber hackers have been employing different tactics to compel a targeted individual or institution to share personal or private information. Criminals planning a ransomware attack may try to collect sensitive information in advance, which is then used to carve out phishing emails and messages specifically to the target. It is crucial not to overshare online and exercise restraint while giving out any identifying details unless necessary. It is a human tendency to trust other humans and overlook alarming information. It is better to be sceptical when someone requests sensitive information over phone calls, messaging or emails.
7. Refrain from opening suspicious attachments: This applies to messages sent by unfamiliar people and pertains to senders who seem like acquaintances. Ransomware can find its way to a device through email attachments. To ensure legitimacy, one must pay close attention to the sender’s address- spell checks, placement of special characters etc., therein.
8. User training: The measures mentioned above to prevent ransomware are of any use only if users are educated about some of the most common types of phishing and spoofing attacks that are taking place. Employing phishing simulations to test employees’ familiarity with the tactics and responses should be part of a comprehensive training program in organizations. Those trained to identify and appropriately treat malicious messages are less likely to open an infected attachment.

  Even though ransomware attacks are becoming increasingly rampant, organizations and individuals are not entirely helpless. It may require considerable rethinking and reorganizing, but tools are available that can protect against such attacks. The above recommendations shall help strengthen the chances of defeating significant ransomware threats. If any organization don’t have inhouse skills to implement these tips, they can always consult a cyber security focused partner who can consult and implement these protective measures.

About SNS

Secure Network Solutions India (SNS) provides a quantifiable, risk-based approach to building corporate cybersecurity based on globally recognized frameworks and standards. We have been protecting businesses for the last 20 years! Write to us at [email protected]