8 Ways to Fight Off Ransomware

8 Ways to Fight Off Ransomware

Ransomware is very damaging. In line with the evolution from viruses, to botnets and malware families that have occurred over the past 10 years, bad actors continue to find new ways of reinventing old threats. Today, the top trend in modern malware is the proliferation of ransomware.

Ransomware has come a long way from the non-encrypting lock screen FBI scare warnings like Reveton. In 2016, there has been a constant flow of new ransomware families popping up, like Locky, Cerber, Madeba and Maktub, and this is only expected to pick up steam over the balance of the year. Below are 8 tips to help you defend against ransomware.

Install the latest patches for your software, especially Adobe, Microsoft and Oracle apps

A common way in for ransomware is via exploit kits, like Angler. These bundle many application vulnerabilities into one kit, and try drive-by exploits for each one in sequence. The more your apps are outdated, the more likely, some of these exploits might work and infect you with ransomware.

Be skeptical: Don’t click on anything suspicious

Don’t click on any emails or attachments you don’t recognize, and avoid suspicious websites altogether. Most of the infections come from user action – opening attachments or visiting websites, being vigilant is the most effective way to minimize damage.

Block popups

Popups are regularly used by criminals to spread malicious software. To avoid accidental clicks on or within popups, it’s best to prevent them from appearing in the first place.

Use network protection

A very important part of a comprehensive security strategy is to use network traffic monitoring system that is based on machine learning and behavior analysis. As most of these attacks come in via internet channels, make sure your network protection can parse and analyze both email and web traffic.

Turn Windows User Access Control on

Windows has added this security feature to help you stay in control of your computer by informing you when a program makes a change that requires administrator-level permission. User Access Control works by adjusting the permission level of your user account. If you’re doing tasks that can be done as a standard user, such as reading e‑mail, listening to music, or creating documents, you have the permissions of a standard user—even if you’re logged on as an administrator. Take full advantage of it.

Use security content to detect ransomware

You’ll never entirely be able to stop people from opening a malicious email and being tricked into clicking on a phishing link. That act can open a single file that begins acting like a worm and starts propagating through your IT infrastructure or through that of your organization and wreak havoc. It’s critical to have great content so you can start detecting these bugs and squash them before it becomes a problem.

Don’t underestimate the value of continuous monitoring

Look at security vendors with a “products + services” approach. Market-leading security technologies are critical but combined with 24×7 monitoring by security experts is the best approach to securing your IT infrastructure and stopping threats like ransomware. If you have an 9-to-5 business and no one is watching your shop at night, that’s a lot of hours for a malicious bug to move through your IT infrastructure.

Have a robust, in-depth backup plan

Before your company is attacked by ransomware, it is important to have an existing backup plan in place so you can access your data. It’s imperative that an organization’s backup strategy include offline backup, this may require manual processes, but any online backups will be encrypted by attackers, making it useless to the victim. Know the pain points of restoring and recovering data, and make sure that your plan accounts for those pain points. It is important to classify your systems and data when creating your backup plan. Keep in mind which systems and data are most important to your organization and put extra care around the most critical systems in your infrastructure.

Please contact MergerTree Solutions for more information about continuous monitoring and an in-depth back up plan.