John Stevenson by John Stevenson | | Blog

In a recent poll on the Linkedin group The Cyber Security Hub, nearly 40% of 2000 respondents stated that they were “not very” when asked how confident they were that their cyber security defence would protect them from a ransomware attack. It’s a worrying statistic and one that reflects the sense of inevitability and that many now feel around ransomware protection.

The good news is that there’s no need for this level of resignation. By taking a holistic approach to the problem and combining the latest defensive technologies with industry best practice, it is possible to effectively combat the threat of a ransomware attack.

Protect your organisation against becoming a victim of ransomware by focussing on the following 6 key areas:

Step 1: Identify Information Flows

Identify each of the key information flows into the organisation, from email and Web browsing to file sharing and remote working. Each information flow needs to be robustly guarded.

Step 2: Consider Segregating Networks

Pay particular attention to the information assets and personnel within the business. An effective backup strategy will help mitigate against the threat of an attacker encrypting your data but it won’t stop the attacker from publishing your data if they do get in and steal it. It may be necessary to physically segregate networks to provide an additional layer of defence for high-value data and key members of staff.

Step 3: Invest in Advanced Protection

Ensure detection-based anti-virus defences are kept up to date but be aware that it is very difficult for cyber defences based on detection to keep up with the latest threats and the changes made to an attack each time it is used. In addition, look to deploy an advanced protection solution that uses techniques such as transformation to ensure incoming files are safe.

These techniques don’t suffer from the shortcomings of detection-based defences and can be relied upon to only deliver safe, malware-free files. Advanced protection can be deployed on every information flow into the organisation to protect from sophisticated attacks.

Step 4: Backup Data

A vital element in  any ransomware security strategy is regular data backups. Most companies do this but surprisingly few run backup and restore drills. Both processes are important. Restore drills are the only way to know ahead of time whether your backup plan is working.

If you test your backup and restore drill regularly you can reduce the impact of the attack by having a safe recent restore point.

Step 5: Update and Patch

Ensure operating systems, security software, applications and network hardware devices are fully patched and updated. Many attacks take advantage of known vulnerabilities that manufacturers have patched. Failing to apply the patches quickly/in a timely manner leaves the door wide open to attackers. 

Step 6: Train Staff

Nine times out of ten, a ransomware attack begins with a seemingly innocent business document arriving as an email attachment, a download from a compromised website or an upload from an untrusted or unprotected workstation. Attackers make extensive use of social engineering techniques to persuade un-wary staff into opening these documents so it’s vital to ensure every member of staff is educated to the potential danger.

There is an undercurrent of resignation surrounding the issue of a ransomware attack, with many organisations taking the view that whatever defences they implement, they can and even will be breached (the so-called “it’s not if, it’s when” mentality). In fact, you can protect your organisation against becoming a victim of ransomware by focussing on the 6 key areas covered in this article.

For more information on ransomware prevention, why not download the free ebook A Practical Guide to Combatting Ransomware.

View all posts