Seven Practical Strategies to Help Prevent Ransomware
Colonial Pipeline’s shutdown brought ransomware to the forefront of the news again. Gas shortages, price hikes and long lines will make the news and get the CEO asking questions. Ransomware is a successful criminal enterprise business model that is NOT going away. The criminals even have their own acronyms! “RaaS” ransomware-as-a-service model where the developers rent out software to affiliate hackers, who then share in the profits.
Many security vendors claim to have a magic bullet. It’s not that simple. However there are things you can do to lower your risk, show management that you have a plan, and respond when an incident occurs. Here are a few things you can do to help yourself:
Penetration Testing - Test to understand your susceptibility to ransomware and understand where you have security opportunities. Utilize a penetration test to establish a baseline of risk which can prioritize your security program efforts and investments.
Segmentation - Network segmentation helps protect against the spread of ransomware. If you logically segment your network and apply least-privilege security policies, when an end user double clicks on a bad link the impact can be contained to that network segment so it doesn't cross contaminate other areas of the network. Utilizing firewalls for internal segmentation allows for better visibility and greater control over access, authorization, and authentication between networks.
Vulnerability Management and Patching - ransomware sometimes takes advantage of old vulnerabilities. However, not all vulnerabilities are created equal. Understanding which are critical helps prioritize remediation and can reduce risk.
Security Awareness Training - users are your weakest link and arguably the highest area of risk. Regular training helps them to recognize phishing attacks and report them. Turn your users into a line of defense and create cyber savvy employees.
Backups AND Restores - Everyone does backups. How do you know they’re successful? When’s the last time your company did a restore and tested it? How are your backups protected from ransomware?
Endpoint Security and Managed Detection and Response (MDR) - Anti-Virus isn’t sufficient in today’s security landscape. Look for next generation endpoint security programs that can establish baselines of behavior and prevent abnormal anomalies. Utilize MDR to help establish your first line of defense in an incident response program.
Two Factor Authentication (2FA) - not having 2FA for your VPN and any externally facing or hosted applications is a serious risk. At a minimum, 2FA should be enforced on any email systems so if credentials are stolen, bad actors are still prevented from access.
The threat of ransomware can be daunting. NetWorks Group helps customers with both testing and prevention of ransomware and other security risks. We’ll help you understand where your gaps are and help you develop a prioritized approach you can share with the CEO to gain buy-in. We’ve also created a number of services to help prevent ransomware if you don’t have the time or in house expertise. Please reach out for more information. We’re here to help.
NetWorks Group is hosting a Ransomware panel discussion on June 17. Hear from security experts from both the offensive and defensive side of security to gain insight on how you can better protect your environment from these rapidly evolving threats. You can register here: