Best Practices for Avoiding a Ransomware Attack

Just one ransomware incident can cost a business an average of $732,520, and that is if they don’t have to pay the ransom. If they pay it, their losses are nearly doubled!

Ransomware is a form of malware, and it can be one of the most costly for a company because it can bring operations to a standstill. That downtime will cost the company hundreds of thousands of dollars.

One recent attack in Stamford was at the Pitney Bowes headquarters. Ransomware encrypted some of their data, which disrupted customer access to some of the company’s services, like the ability to refill postage meters.

Organizations of any size can become a ransomware victim, and small and mid-sized businesses are often targeted. Hackers look to make off with a quick ransom and then move on to the next unsuspecting target.

54% of U.S. businesses reported being attacked by ransomware within the last year.

As part of your IT security strategy, you should address ransomware and how to avoid falling victim to an attack. This takes a multi-pronged approach that deploys several best practices.

Keep All Your Data Backed Up Regularly

Some organizations hit with ransomware end up coming out mostly unscathed and with much lower costs than the average. This is because they have a solid backup and recovery strategy in place in their business continuity plan.

If you have a protected and managed backup in place that can be easily restored to your devices once the ransomware is removed, you can reduce downtime and get your systems up and running much faster. It also gives you peace of mind to know that you have done everything possible to minimize the threat of a ransomware attack.

You want to ensure that you are backing up all of your data, including data in cloud storage systems, because they can also be infected with ransomware from a syncing computer. Check your backups regularly to ensure they are working properly, or use managed backup services through a trusted IT provider like Sound Computers.
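One way to check that a backup is working is to run a test restore and compare it, file by file, with a manifest of hashes taken from known-good data. The script below is an added example, not part of the original article; the file names, sample contents and the 30% mass-change threshold are constructed assumptions.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in root.rglob("*") if p.is_file()
    }


def verify_restore(reference, restored, mass_change_ratio=0.3):
    """Compare a test restore against a manifest taken from known-good data."""
    missing = sorted(reference.keys() - restored.keys())
    unexpected = sorted(restored.keys() - reference.keys())
    changed = sorted(k for k in reference.keys() & restored.keys()
                     if reference[k] != restored[k])
    damaged = len(missing) + len(changed)
    ratio = damaged / len(reference) if reference else 0.0
    return {
        "missing": missing, "changed": changed, "unexpected": unexpected,
        "ok": damaged == 0,
        # Many files altered at once is what synced ransomware damage looks like.
        "mass_change": ratio >= mass_change_ratio,
    }


def demo():
    """Constructed sample: a 4-file tree, restored with two files damaged."""
    files = {"ledger.csv": b"a,b\n1,2\n", "docs/plan.txt": b"Q3 plan\n",
             "docs/notes.txt": b"notes\n", "img/logo.bin": b"\x00\x01\x02"}
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "source"), Path(tmp, "restored")
        for name, body in files.items():
            (src / name).parent.mkdir(parents=True, exist_ok=True)
            (src / name).write_bytes(body)
        reference = manifest(src)
        shutil.copytree(src, dst)
        (dst / "docs/plan.txt").write_bytes(b"\x9f\x13 unreadable")
        (dst / "docs/notes.txt").rename(dst / "docs/notes.txt.locked")
        return verify_restore(reference, manifest(dst))


if __name__ == "__main__":
    print(demo())
```

Keep the reference manifest somewhere the backed-up machines cannot write to, so that an infected computer cannot alter it along with the data.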

Use Anti-Phishing & Spam Filters

Phishing has been the #1 delivery method for ransomware and other types of malware for several years. Phishing emails are getting more sophisticated all the time, which makes it more challenging for employees to detect them.

Reduce your risk by putting an anti-phishing and anti-spam filter in place for your business emails to quarantine suspicious emails and keep them out of employee inboxes.

Use an AI-Based Antivirus/Anti-Malware Solution

If you are only using a signature-based anti-malware solution, it is going to miss the majority of the dangerous scripts. 

50% of all the malware detected in 2019 was considered “zero-day” which means it is so new that it has not yet been added to a threat database. 

In order to detect zero-day threats, you need to have an antivirus/anti-malware solution that uses AI to detect suspicious behavior of code or processes. This will give you a much better chance at catching the newest forms of ransomware before they can infect your system.

Keep All Devices Updated

One of the cybersecurity best practices for just about any type of threat is to keep computers, routers, servers and other devices updated in a timely manner.

Updates often install critical security patches that fix vulnerabilities in code that can allow software to be manipulated. Ransomware and other forms of malware often take advantage of these vulnerabilities.

Managed IT services can help you take the burden of updates off of your shoulders and ensure those updates are happening when they need to be.

Use DNS Filtering for Safe Browsing

A majority of malicious code spread by phishing emails comes from employees clicking links to malicious sites rather than through opening a file attachment.

Criminals use links as a way to get past an anti-malware or anti-spam application.

DNS filtering will block malicious sites and send employees who click a dangerous link to a warning page rather than the hacker’s website.
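The decision a DNS filter makes for each lookup can be sketched as follows. This is an added example, not part of the original article: the blocklist, the allowlist exception, the warning-page address and the stand-in resolver are all constructed, using reserved .example/.test names and documentation IP ranges.

```python
# Constructed sample data: reserved .example/.test names and a documentation IP.
BLOCKLIST = {"malicious.example", "invoice-portal.test"}
ALLOWLIST = {"status.malicious.example"}   # hypothetical reviewed exception
WARNING_PAGE_IP = "192.0.2.10"             # server hosting the warning page


def normalize(qname):
    """Lower-case the name and drop the trailing root dot."""
    return qname.strip().rstrip(".").lower()


def candidates(name):
    """The name itself, then each parent domain, most specific first."""
    labels = name.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def filter_query(qname, upstream):
    """Return (verdict, answer_ip). `upstream` stands in for the real resolver."""
    name = normalize(qname)
    for domain in candidates(name):
        if domain in ALLOWLIST:
            break  # a more specific exception overrides a blocked parent
        if domain in BLOCKLIST:
            # Answer with the warning page instead of the real address.
            return ("block", WARNING_PAGE_IP)
    return ("allow", upstream(name))


def fake_upstream(name):
    """Constructed stand-in for a recursive resolver."""
    return {"intranet.example": "198.51.100.7"}.get(name, "203.0.113.1")


def demo():
    queries = ["MALICIOUS.example.", "cdn.malicious.example",
               "notmalicious.example", "status.malicious.example",
               "intranet.example"]
    return {q: filter_query(q, fake_upstream) for q in queries}


if __name__ == "__main__":
    for query, result in demo().items():
        print(query, result)
```

Matching on whole labels rather than with a plain suffix test is what keeps `notmalicious.example` from being blocked by the `malicious.example` entry, while subdomains of a blocked domain are still caught.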

Employee Awareness Training

Well-trained employees lead to fewer cybersecurity incidents and can mitigate your risk of being infected with ransomware. 

Here are some tips for employee awareness training related to ransomware that can be an effective means of protection:

  • Train employees how to spot phishing emails
  • Do simulated phishing drills
  • Create a step-by-step guide on what to do if ransomware is detected on a device
  • Teach employees about social phishing and text-based phishing
  • Train regularly instead of just during an onboarding process

Put System Protections in Place Such as Ringfencing 

One of the protections you can put in place on a system to help prevent ransomware from infecting and encrypting files is called ringfencing.

This type of control sets parameters on how different programs can interact with each other and can help keep a rogue ransomware application from deploying encryption commands.

Another tactic you can use is application whitelisting, which can prevent any unknown applications from running on a computer at all.
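A simplified model of the two controls described above, as an added example that is not part of the original article or any product's real policy format: allowlisting identifies an executable by its hash, and a hypothetical ringfencing policy limits what each approved application may launch or write. The application names, paths and sample "binaries" are constructed.

```python
import hashlib
import posixpath

# Constructed sample: byte strings stand in for executable file contents.
SAMPLE_BINARIES = {"word": b"word-binary-v1", "shell": b"shell-binary-v1",
                   "backup-agent": b"backup-agent-v1"}
ALLOWLIST = {hashlib.sha256(b).hexdigest(): name
             for name, b in SAMPLE_BINARIES.items()}

# Hypothetical ringfencing policy: what each approved app may start and write.
RINGFENCE = {
    "word": {"may_launch": set(), "may_write": ["/home/alice/Documents"]},
    "shell": {"may_launch": {"backup-agent"}, "may_write": ["/tmp"]},
    "backup-agent": {"may_launch": set(), "may_write": ["/mnt/backup"]},
}


def identify(binary):
    """Allowlisting: an executable is known only if its hash is approved."""
    return ALLOWLIST.get(hashlib.sha256(binary).hexdigest())


def check_launch(binary, parent=None):
    """Decide whether `binary` may run, optionally as a child of `parent`."""
    app = identify(binary)
    if app is None:
        return "deny: not on allowlist"
    if parent is not None and app not in RINGFENCE[parent]["may_launch"]:
        return f"deny: {parent} may not launch {app}"
    return "allow"


def check_write(app, path):
    """Decide whether an approved app may write to `path`."""
    # Resolve ".." first so a path cannot escape its permitted directory.
    target = posixpath.normpath(path)
    for root in RINGFENCE[app]["may_write"]:
        if target == root or target.startswith(root + "/"):
            return "allow"
    return f"deny: {app} may not write {target}"


if __name__ == "__main__":
    print(check_launch(b"unknown-dropper"))
    print(check_launch(SAMPLE_BINARIES["shell"], parent="word"))
    print(check_write("word", "/mnt/backup/nightly.tar"))
```

In this model even an approved application that has been hijacked cannot start a shell or touch the backup directory, which is the containment that ringfencing is meant to provide.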

Get a Ransomware Protection Checkup from Sound Computers 

How well does your current cybersecurity plan have you protected from ransomware? We can do a full IT security checkup and let you know if you are vulnerable.

Contact us today to schedule a free consultation. Call 860-577-8060 or reach us online.
