Ten Tips to Avoid Becoming the Next Ransomware Victim

Law enforcement and IT professionals are busy fighting cyberattacks and trying to prevent cybercrime. These days much of this criminal activity centers around ransomware.

In a typical ransomware attack, your data is encrypted with a criminal’s key, potentially making it impossible to access your data until you pay the criminals a ransom amount they demand to be paid in Bitcoin. We have seen this happen to far too many local companies and organizations.

We are here to help. The good news is these crimes are often preventable. Here are 10 actions you can take to help prevent you and your colleagues from becoming the next victim of cybercriminals:

  1. Replace legacy antivirus software with next-generation Endpoint Detection and Response (EDR) solutions: Traditional antivirus systems use definitions to detect known viruses. Modern attacks often use more advanced techniques that require more advanced protection like the detection of file-less attacks, in-memory attacks, and unknown threats that can be observed through AI-based pattern detection.
  2. Be as restrictive as possible with computer and data access: After a hacker is in your system they will seek to infect as much of your data and as many of your devices as possible. By being strategic about who has what access to your system, you can significantly limit the damage one infected device or account can do.
  3. Don’t neglect security patches and software updates: New weaknesses in software are found daily, and companies fix these holes with patches. Old, unsupported products are no longer patched but still have newly-found vulnerabilities. Make sure your software and devices are actively being patched.
  4. Activate multi-factor authentication: Even the strongest passwords are subject to compromise. Activate multifactor/MFA/Two-Factor/2FA login and when possible use app-based authentication instead of txt/SMS-based authentication, since phone numbers can also be stolen.
  5. Add 24/7 security monitoring to your layered system: The best automated systems still benefit from humans analyzing telemetry and alerts in real-time, so consider adding a Security Operations Center (SOC) service to watch your MDR and EDR automated defenses. This is included in SNAP-Defense.
  6. Offline and ransomware-resistant backups are critical: Modern attacks intentionally infect and destroy data from online backups first, which is why you need a backup system that’s not accessible via a USB port, your network, or the Internet, a.k.a. an air-gapped backup. Our BDR and Advanced Cloud Backup solutions meet this requirement.
  7. Train employees on cybersecurity best practices: Arguably the biggest threat to your data is you and your people. Regular cybersecurity awareness training and assessment ensures staff us current on what they need to do to stay safe and regularly reinforces key concepts in constructive ways that help everyone resist the latest attack techniques.
  8. Sync HR & IT departments: Your HR and IT department must make a coordinated effort to ensure the network is only accessible by currently authorized employees and contractors- not terminated staff or inactive vendors. One of the ways we help is with customized forms for new hires, termination, and vendor access.
  9. Use advanced spam filters that block phishing and Business Email Compromise (BEC) attacks: Spam filters used to help everyone by keeping junk mail from cluttering your inbox. That’s still important, but these days it’s critical to block malicious emails from tempting you and your employees with account takeover and computer remote control. Like vampires, cybercriminals can bypass door locks and firewalls when they’re invited in.
  10. Obtain cyber liability insurance from an experienced broker: At the end of the day, technology can fail. Then what? Do you know what your cyber liability insurance policy covers? Do you know if you are still consistent and in compliance with the questionnaire and application you completed when you obtained your current policy? Has your broker assisted any clients with a cyber loss in the past? Premiums are increasing, coverage limits are decreasing, and items #1-#9 in this list are now required to obtain new coverage and renew existing policies.
Feel welcome to share this top-ten list with your friends and colleagues. We would be happy to discuss your level of compliance in detail. Anyone is welcome to contact us and we will do whatever we can to assist. Lots of today’s cybercrime is preventable or at least manageable with the right planning. We are here to help with both defense and recovery.