8 best practices on how to prevent ransomware

Introduction

Ransomware is a dangerous form of infection that infiltrates devices such as mobiles and computers to take hostage of an organization’s sensitive information by encrypting it. The attacker then tries to get the victim to pay the ransom for the key to decrypt their file.

With attacks on the rise due to the pandemic, it is crucial for businesses to take the correct initiatives to prevent ransomware. Read on to learn how to be proactive and prevent ransomware from attacking your data, your network, and your devices.

1. Keep your anti-virus software up to date

   Prevent ransomware from getting on your computer by using software that can block phishing sites and other malicious online destinations. It is crucial to update the anti-virus software because today, computers are vulnerable to new viruses. The update can include things like new tools to combat new viruses and protect/ prevent your device form being infected.

   An updated anti-virus program will have something called a signature file, which is the latest list of known viruses. It is best to configure the program to automatically check and updates for new viruses based on the signature list. Depending on the anti-virus software, it can have the ability to scan your computer for any vulnerability. This feature means that there is an extra layer protection for your network because security flaws in your computer can be an easier entry way for viruses.

   However, ensure that whichever anti-virus solution your businesses chooses, it is not a free one downloaded from a third-party source, because it may be a virus. Additionally, another important best practice to consider is something called a centrally monitored commercial AV where it reports back to your IT provider. Essentially, this is something that your managed IT service provider would set up. Your IT company monitors and provides response to any incident report to prevent any loss in case of unforeseen circumstance.

2. Training employees in cyber security best practices

   Training your employees in cyber security and making them more aware is significant. Things like phishing emails are one of the most common ways for a data breach. By tricking users into clicking or opening an attachment that is full of malware is how cyber criminals gain access to sensitive information.

   It is important to train staff of cybersecurity awareness on a regular basis because it is crucial for a business to protect itself against ransomware. Training should cover the following:

   • Not to click on malicious links.
   • Never open unexpected or untrusted attachments.
   • Avoid revealing personal or sensitive data to phishers.
   • Verify software legitimacy before downloading it.
   • Never plug an unknown USB into their computer.
   • Use a VPN when connecting via untrusted or public Wi-Fi.

   Other things to include in the training should be focused on something called social engineering. While the word engineering might throw them off at first, it means that the hacker can disguise themselves with fake but trusted online identities. This tactic is used to trick employees into providing information they should not.

3. Regular data backup

   The main reason for a data backup is to have a secure archive of your important information, whether it is classified document for your business or client information. The main reason that data backup is critical is to save these files in case there is a hard drive failure, natural disaster, ransomware attack or system crash. In the event your network is attacked, depending on the severity and the frequency of the data backup, the risk of your data being completely comprised is lower.

4. Secure, strong user multi factor authentication (MFA)

   One of the most common ways that cybercriminals can access an organization’s systems is by using stolen credentials using a tool called Remote Desktop Protocol (RDP). Essentially, this means that hackers can access a user’s computer remotely using their credentials. However, this can be minimized using a multi factor authentication and enforcing a strong password amongst employees. Additionally, it identifies the user’s identity in multiple steps using different methods. Thus, providing an extra layer of security on top of the login credentials.

5. Up to date patches

   It is very important to keep your computer up to date by applying regular security patches because it will help limit your business’s vulnerability to ransomware attacks. Moreover, regular updates such as managed security patches which the ongoing process of applying updates that help resolve code vulnerabilities). It protects your computer by deleting computer bugs, adding new features to your computer, remove outdated ones, and protect your data.

6. Anti-Ransomware Solutions

   All the tactics mentioned above are steps that can be taken to mitigate a business’s exposure to ransomware, however, for maximum protection it should be coupled with a ransomware solution provider. Hiring a ransomware solution service provider means that your network is being proactively monitored, your files are being regularly backed up and advanced intrusion preventions/ threat remediation tools are utilized. Learn how else a ransomware solution provider can help.

7. Do not download applications or software from unknown sources

   An important best practice to ingrain in your team is to let them know which reputable sources they can download programs/ software/ applications from. Trusted sources like Microsoft Store, Google Play and Apple Store are the ones that should be used as a point of reference when employees want to download applications. Other sources that certain applications can be downloaded from is from the actual website. But it is usually easier and safer to download them from the Apple Store, Google Play, or Microsoft if available.

8. Be cautious of pop-installation requirements

   One of the most common ways that a virus can attack your network is through pop-up prompts. Whenever you get a pop-up request to update, download, or install a plug-in or software while you are online browsing, close the pop-up instantly, do not take the action they are requesting. A common pop-up that tends to come up is an Adobe Flash update to view the site’s content, get the latest version directly from the source. Next time you see this close the browser instantly!

Conclusion

Following the above best practices is what can help minimize your network being hacked. It is obvious that the best way to respond to ransomware is to avoid having it in the first place, however, no matter the size of the organization, they can all be targets. Making sure that the right preventative measures are set up correctly, constant data backup, and employee training will ensure that data loss and downtime will be minimal.