Ransomware attacks have increased in volume over the past year, with widespread repercussions. Attacks can impact a company’s ability to operate, cause business and/or revenue loss, and bring about unexpected costs for remediation. It is important to understand how ransomware attacks work, how to stop them, and above all, the best practices to follow to stay secure and protect yourself against the threats and potential damage of an attack.
First, it is important to patch early and often as the exploitation of unpatched vulnerabilities is a root cause of many cyber incidents. Since malware can rely on security bugs in popular applications, the earlier you can patch endpoints, servers, mobile devices, and applications, the fewer holes are left for criminals to exploit. The second best practice to follow is backing up regularly, as well as keeping a recent backup copy offline and offsite. By encrypting backup data, you won’t have to worry about cloud backups or storage devices, and it can usually be restored using backups. Third, enable file extensions; this will make it easier to spot JavaScript (JS) files and other file types that aren’t commonly sent to you or your users. Along the same lines, number four calls for opening JS files in Notepad to block it from running any malicious scripts while still being able to examine the file’s contents.
The fifth best practice is to not enable macros in document attachments received via email. Microsoft deliberately turned off auto-execution of macros by default years ago as a security measure, so no need to alter the setting. Six, be cautious about unsolicited attachments. Cybercriminals rely on you opening a document to make sure it is legitimate, at which point, it’s too late for you. Seventh on the list includes monitoring administrator rights and consistently checking on who has them, and who no longer needs them. The eighth practice to follow is regulating internal and external network access – don’t leave network ports exposed, use two-factor authentication, and lock down other remote management protocols.
Last but not least, the ninth best practice on the list is the importance of using strong passwords. A weak and predictable password can give hackers an easy way into your network. To learn more details about ransomware attacks and keeping yourself safe, visit here.