Image source: mcrinc.com
Ransomware threats against enterprises are becoming more prevalent by the minute, infecting a growing number of computer systems around the world. The mission behind these threats is simple: extort money from victim entities before restoring encrypted data. Here are some do’s and don’ts to go by when dealing with these cyber threats.
Remove the affected system from the network as well as the threat itself. Restore any affected files from a known good backup, as it’s the fastest way to regain access to impacted data.
Do install, configure, and maintain an endpoint security solution, as it will serve as the final line of defense against any threat. The solution should be comprised of protections against file-based threats as well as protections for downloads, browsers, and firewall, to name a few.
Do educate the organization on the different ways that ransomware can penetrate the system, such as through Spear Phishing attempts or unsolicited e-mails (with attachment) coming from unknown senders. Beware of new ransomware variants appearing regularly, so keep security software and services up to date.
Image source: netswitch.net
Do NOT pay the ransom, even if it appears to be a sensible response. Doing so will only encourage and fund the attackers, perpetuating the system. And even if the ransom is paid, it is not a guarantee that the victim will regain access to the affected files. The first rule is never to negotiate with the hostage takers.
Do not be careless in handling unexpected emails, especially those containing links and/or attachments. Be particularly wary of Microsoft Office email attachments that advise enabling macros to view content, unless absolutely sure that it is a genuine email from a trusted source.
Do not take data backups for granted. Make sure that backups are sufficiently protected or stored offline so attackers cannot delete them.