The frequency and volume of ransomware attacks have increased dramatically in the past few years. Few people in the tech industry will forget the 2017 WannaCry attack, which infected over 200,000 computers in 150 countries worldwide and brought down part of the U.K.’s National Health Service, or the 2019 RobbinHood attack, which brought the Baltimore government to a standstill for nearly two weeks.
Although attempted attacks are now an everyday fact of life for system administrators, there are ways to prevent malware attacks from harming your organization. If you follow these 11 steps, you can help stop the majority of ransomware infections, as well as mitigate the damage of any that do succeed:
- Change your passwords. While it might seem obvious, it doesn’t hurt to be reminded. Many system breaches come from brute-force password attacks, so the stronger your passwords, the better. Never keep the default passwords, and change them regularly.
- Scan and filter all incoming emails. The other common route for ransomware is through phishing emails, which appear to be from a trusted source and trick the user into installing malicious programs. Using server-side scanning and filtering of incoming email before it even gets to the user’s inbox will remove that risk.
- Keep your systems up to date. That includes antivirus, operating system, server tools, and all other software. Most vulnerabilities targeted by malware are actually patched within a day or two by software companies, but it’s up to you to make sure those patches are applied to your system.
- Teach good security practices. Everyone using your system, from the receptionist to the CEO, should be educated on basic security—like not clicking on suspicious links, having unique and strong passwords, safe browsing, and so on.
- Restrict personal data. Access to personal data makes it easier for hackers to gain the trust of your employees and exploit them. Try to restrict how much of it is presented to the outside world.
- Increase isolation. Although a well-connected network is normally better for efficiency, it also allows a virus to spread further and faster. Compartmentalize the network and isolate sensitive parts, so, if the worst does happen, you can limit its movement.
- Identify the most important data. What can’t you afford to lose? In the age of big data, backing up and protecting everything is extremely costly. A critical step in ransomware prevention, preparation, and response is to identify and prioritize your data.
- Check your backup plan. You’ve probably already got a backup system in place, but it’s a good idea to review it and make sure it’s doing its job. Are we backing up the right data? Is the data backed up often enough? Is it stored securely enough? Is cloud storage a good option for us?
- Practice the worst-case scenario. Prepare for what will happen and what you will do if you do become infected with ransomware. The more you practice, the quicker and more effective your response will be in the real world.
- Don’t pay the ransom. Not only is it not guaranteed that they will return your data to you, but it can make your organization a bigger target in the future since you’re known to give in to demands.
- Monitor your network 24/7. Knowledge is power when it comes to preventing ransomware attacks. If you can quickly detect unusual user behavior, unauthorized file access, and changes in network traffic, you can take steps to stop an attack before it goes any further.
One of the best things you can do to protect yourself from ransomware is to install a secure data solution that automatically monitors your system. Using a variety of detection methods, PA File Sight Ransomware Protection provides an excellent and fast data loss prevention system that both removes the chance of human error and simplifies your security process.