Search
Shopping cart
Categories
 Naar overzicht

The ultimate preparation against Ransomware

Completely preventing ransomware is unfortunately not yet possible. The impact can be large and cause serious damage to your organization.

Ransomware threat has been increasing since the last few years. This malicious software (malware) often enters through the email of one of the users in a network. Ransomware can be located in an email attachment or behind a link that the user can click. Not only are computer systems attacked by ransomware but the development of the malware is increasingly moving to phones and tablets.

How do you weaponize against ransomware?

The preparation of ransomware attacks starts on the access. If you don't click on a link or open an attachment to a phishing email, you keep the cybercriminal out anyway. In addition, cybercriminals also scour for weak software or crack the password. How you can arm yourself against these attacks, we will explain later on this page.

What is the purpose of ransomware?

A ransomware attack aims to encrypt your files, the crucial on-site IT systems or files in the cloud. Then the cybercriminals blackmail them back only to decrypt them in exchange for a ransom (ransom) and often they ask for Bitcoins. The moment your system files are encrypted it is difficult to find out what caused this attack.

A ransomware attack can have enormous consequences for your organization. The attack can even go so far as to gain administrator privileges to gain full control of the crown jewels within the company. They further infiltrate themselves within all networks with hacking tools. Imagine for yourself what your organization would be like without computer systems and the devices connected to them completely under the hacker's control. This also applies to the organizations connected to the network of your manufacturers and customers.

To pay for ransomware or not?

If your organization becomes the victim of a ransomware attack, don't pay for it. This is because you are funding this revenue model of cybercriminals and also the development to make these types of different ransomware attacks even more professional. Moreover, paying a ransom offers no guarantee that the systems will be decrypted. One pitfall is that these hackers have copied all the data files several times With this, they can blackmail organizations to post this data publicly on the Internet. Because it involves payments of large ransoms, ransomware is by far the largest form of cybercrime there is. If we continue to fund ransomware and it keeps going, things are going to go badly wrong one day and it could even cost lives.

Make sure you have a good backup strategy

For ransomware attacks, it is wise to be prepared. Take snapshots and offline backups and test and verify them regularly. In addition, it is also advisable to check your daily backups to see if you see any suspicious data files. Also, make sure you have stable and secure storage media. Consider secure USB storage media and tape drives.

Increase employee awareness of cyber risk's

Training and keeping your employees aware of digital dangers is indispensable and essential within any organization. It is no longer the reality óf you get hacked, but when. Unfortunately, organizations don't écht wake up until it's too late or their business partners have been attacked and your company data is on the street. You may wonder, when a colleague or your software vendors are targeted and the hacker is in your network. A small mistake with phising mails, phone or email fraud (also called social engineering) is made in no time. The impact of financial and image damage is great. Some examples to be more conscious with your computer:

  • Be wary when clicking on links or downloading free software and keep a close eye on what you are about to download from which website
  • Be careful when opening attachments or images in emails from unknown people. Also, keep an eye on the whole e-mail domain and try to avoid unknown e-mails such as free e-mail addresses like Gmail, Hotmail, Yahoo, etc.
  • Do not trust pop-up windows to download software
  • Do not trust emails to pay or renew bills or licenses online
  • Limit the number of files you share with others. Many of these websites/applications offer little protection against malware

Use a good anti-virus program

Using a good anti-virus application that provides protection against malware both online and offline. In particular, the pre-boot protection of a system and online detection systems of an anti-virus program are essential.

Keep all software up to date

Keeping software updated is very important. Security updates are released regularly. It may be necessary for government organizations to first test patch updates to software themselves before implementing an update on a large scale. Software is vulnerable and often not developed on the basis of security by design. Therefore we advise to regularly check the patch updates and release notes and update where necessary. We regularly see zero-day attacks on VPN's, remote management tools and others. A recent example is Log4Shell where major vulnerabilities were discovered in the logging software Log4j. It is well known that after these types of zero-day vulnerabilities in software, hackers often infiltrate further within your network to then install ransomware. This is often a long process of weeks or months, but the result can ultimately cause great damage to your organization. To guard against zero-day vulnerabilities, we recommend using Zero Trust technology from Safe-T within your company. With Safe-T you hide the network both inside and outside the organization and uses a patented reverse access technology. In addition, Safe-T is also unique in that their virtual appliance can be used in any network, whether in the cloud, hybrid or on-premises.

Ensure that user accounts cannot install software on the systems

The user accounts may have different security settings between them. With an administrator account you can install new software, but with a limited or a standard account you usually cannot. For ordinary Internet surfing or application use in the cloud you usually do not need to install new software. That's why we recommend using a limited or standard account as much as possible. This prevents malware from being installed on the computer and making changes to the entire system.

Filtering of web browser traffic

The advice is to route all outbound web traffic through a proxy. Consider filtering websites that users want to visit.

Restricting the use of unsecured external USB storage devices

Unsecured data carriers such as USB sticks and external hard drives and cell phones can infect a system with malware. It is possible to filter (whitelist) USB ports with a so-called PortBlocker. This only allows secure storage media with their own anti-malware application.

How to reduce the risk of ransomware infection?

Read the NCSC's Ransomware Fact Sheet
Endpoint protection against malware ESET
Endpoint security for managing and filtering secure storage media with DataLocker
Physical endpoint security with Smart Keeper
Network segement by Zero Trust technology with Safe-T