Top Tips To Block Ransomware 2017
Top Tips to Block Ransomware
The fact that a particular attack died down does not mean the threat is over. That ransomware code is still around, just waiting for another cybercriminal to tweak it, make it more dangerous, and rerelease it with a new name such as WannaCry.
That means IT pros and service providers must be ever on guard. The good news is with essential protections in place, you can protect your end users and clients from the ongoing ransomware scourge.
Today there are two main styles of ransomware. The more purist version uses generally unbreakable encryption to make the data completely unavailable. The other technique simply locks down the operating system, disallowing access to the user files. Winlocker is an example of this latter approach.
- Spam that includes malicious links or attachments
- Exploiting vulnerable software such as unpatched operating systems
- Code injections into otherwise legitimate websites
- Botnets that spread ransomware from machine to machine
Keep a Backup
Ransomware works by locking up precious data, and if it is worth enough, you will pay the ransom. Having an up to date backup that is easily accessible and restorable makes that ransom moot. A cloud backup solution is ideal, even if you already have a tier of backup already on-premises.
Restrict User Access and Permissions
The more privileges a system has, the more power the hacker gains by breaking in. Keep admin privileges to a minimum so those that spread ransomware cannot run roughshod. As an admin or MSP, resist the urge to disable User Account Control (UAC)
Use Two-Factor Authentication (2FA)
Often ransomware spreads through credential cracking. Having a second level of authentication can stop that in its tracks.
Use Up to Date Applications and Operating Systems and Keep Them Updated and Patched
Most successful exploits are against unpatched systems, including many ransomware variants. And more recent operating systems and apps are better protected from incursions. Keep your systems up to date, and less vulnerable to attack.
Use antivirus/antimalware software
Ransomware often comes in the form of a virus or malware. With up to date antivirus/antimalware software, these attacks can be automatically detected and the malware quarantined and neutralized.
- Install an ad blocker as pop ups can carry ransomware
- Minimize plug-ins such as Java and Flash
- Turn off macros in Microsoft Office and other apps
- Teach end users to not open suspicious email, open attachments they were not expecting and to not click links in emails they did not ask for.