Do: Back Up Your Data
First, make sure you back up your data regularly—constantly, if possible, and throughout the entire organization. In a ransomware attack, a criminal gains power when they hold all your information hostage; you won’t be able to access your important files or systems until you pay the ransom. But if you have safe copies of all your old data, this threat can be pointless. You’ll be able to restore a slightly older version of your files and systems and avoid paying the ransom altogether. To make this work, you need to be consistent; back up your data securely and routinely.
Do: Be Proactive
It’s worth putting together a response strategy; in other words, what are you going to do if your organization is the target of a ransomware attack? But it’s much more effective to be proactive. In other words, you have to take steps now to prevent your organization from being the target of an attack in the first place. If you can avoid ever being the subject of a ransomware attack, you’ll never have to deal with the consequences.
Do: Employ Content Scanning and Filtering
One common method for ransomware attackers is to trick employees into either providing their login credentials via a phishing link, or downloading a file that contains malware. You can protect against both of these potential threats by implementing more content scanning and filtering. As an organization, you should have full awareness of what your employees are downloading and what kinds of messages are being exchanged. You should be capable of filtering most threats out before they ever hit an employee’s inbox using automated tools for email security and endpoint security.
Do: Keep Your Systems Up to Date
Next, make sure to keep your systems up to date with the latest software patches. Cybercriminals are constantly looking for opportunities to exploit; if they find a security vulnerability, they’ll try to use it to gain an advantage and launch a ransomware attack. But if you’re constantly installing patches as they become available, this opportunistic attack style becomes useless.
Do: Train Your Employees
Ransomware attacks are often the result of poor employee training and/or bad employee habits. Make sure your employees are familiar with standard best practices in the cybersecurity world, like choosing strong passwords, never giving out their passwords to others, and avoiding links and content that appear suspicious or unfamiliar.
Don’t: Pay the Ransom
Many new victims of ransomware attacks are interested in paying the ransom. They want to get the attack over with and move on with their business. However, this is a bad idea. First, there’s no guarantee a hacker will let your systems go after you pay the ransom. Second, you set the precedent that you’re a valuable target. Instead, it’s better to cut your losses and revert to a former instance of your systems.
Don’t: Provide Personal Information to Unfamiliar Sources
You should never give your password or login credentials to anyone, especially if that person is not familiar to you or is outside your organization. Too many ransomware attacks could have been prevented by following this simple rule.
Don’t: Let the Attack Get Worse
If you’re in the middle of a ransomware attack, it’s important to mitigate the damage as much as possible. That means disconnecting from the internet entirely and preventing the attack from going further. The more proactive and the faster you are here, the better.
Don’t: Run Backups During an Attack
Similarly, make sure you turn off all automatic backups during an attack, should one occur. Otherwise, you’ll be duplicating the ransomware attack and possibly compromising your backups.
Do: Use Check Point’s Anti-Ransomware Solution
If you’re interested in maximizing your anti-ransomware potential, use Check Point’s Anti-Ransomware solution. With it, you’ll be able to employ a vast suite of tools to help you proactively avoid and combat ransomware. It includes active threat prevention, the capacity to detect and quarantine ransomware attacks, and of course, the ability to restore your files from routine backups. Sign up for a free demo today, and see if it’s the right fit for your organization!
Feedback