4 Keys to Defending Against Ransomware



By Amos Aesoph – CSO, Xigent Solutions


Image result for ransomware

As we discussed in an article published on our blog last year, ransomware is a type of malware that encrypts your files and holds them hostage—until you pay the ransom. If you've paid attention to news headlines over the past year, you won't be surprised to learn that it's morphed into a billion-dollar criminal business model. Needless to say, it's not going away anytime soon.


Here are four keys to defending your organization against this increasingly prevalent cybersecurity threat:


1. Provide cybersecurity training for your employees.


Your people are your most valuable asset, but when it comes to cybersecurity, they can also be your weakest link. Regular cybersecurity training can help. If your employees are able to recognize the latest malicious emails and other threats, they'll be better equipped to bolster your ransomware defense.


2. Make "defense in depth" your cybersecurity mantra.


Because ransomware can infiltrate your network via a number of vehicles—emails, external storage drives, and even Microsoft Office documents, to name a few—a multilayered cybersecurity strategy is a must. For instance, consider implementing Domain Name System (DNS) security to prevent a DNS query from returning bad data to your network. Employ the latest email security measures <link to email security blog post once published> to keep malware out of users' inboxes.

And don't forget about endpoint protection specifically designed to negate ransomware…

This type of protection involves systems that monitor your network for signs of ransomware. Using artificial intelligence, the software understands when files are being encrypted by ransomware. When it sees a file changing in this manner, it stops the encryption process, quarantines the malware, and reverts the file to its latest uncompromised version.


3. Establish a data backup and disaster recovery plan.


As you may recall, the city of Atlanta became the victim of a devastating ransomware attack in March 2018. The SamSam malware took down the city's computer network, and demanded a ransom of approximately $50,000 in bitcoin to unlock it, which the city refused to pay. Sadly, the attack's aftereffects were exponentially more costly. Much of the city's data was unrecoverable, and news outlets reported that recovery efforts could cost taxpayers more than $10 million.

This unfortunate event highlights one of the more concerning aspects of a ransomware attack: your files could be permanently destroyed. Taking steps now to ensure your data is backed up and fully recoverable can help you avoid a devastating outcome.


4. Partner with a cybersecurity expert.


As long as ransomware remains a lucrative business venture, cybercriminals will continue to launch new and more sophisticated attacks. By making sure your employees are up to speed on the latest cybersecurity threats, protecting your networks, and preparing for the worst, you'll be ready with a strong defense—and we're here to help. As your partner, we can support you in all aspects of your cybersecurity program.


Give us a call today to schedule a consultation.