It seems no one is safe from the recent rise in ransomware attacks—a potentially devastating cyberattack method in which hackers breach an organization’s network, encrypt files and then demand payment to release the hostage data. Ignore their demands, and they delete the files entirely.
Government agencies, school districts, law enforcement and hospitals make up only some of the organizations who’ve had their networks breached and their data held for ransom. In short, ransomware is everywhere, and its effects can be devastating.
Perhaps the most frightening aspect of ransomware attacks is the relative ease with which they’re launched. They aren’t sophisticated zero-day attacks. Anyone using this form of malware isn’t a cutting-edge hacker, but rather an opportunistic criminal who knows how to exploit known network, software and human weaknesses.
But there’s still good news. Unlike other more intricate data breaches we’ve seen in recent years, ransomware attacks are comparatively unsophisticated. With the proper security measures in place, they can be stopped.
What does it take to protect your agency’s network? Here are the five things you need to in place to avoid becoming the next ransomware casualty.
Turns out, the phrase “safety in numbers” doesn’t always hold true.
Criminals generally focus ransomware attacks on networks to which multiple people have administrative or elevated access. Why?
Because it’s easier to quickly access and encrypt files without detection. The sheer number of users—and the resulting clutter—provides attackers with a hiding place.
By controlling these access points, you can reduce the risk of intruders stealing your data, not to mention the number of employees you must monitor. Instead, grant elevated access only to critical employees and only to certain network locations.
Ransomware hackers seek the path of least resistance. They’re not activists or devotees of a cause: They want to make money with the smallest possible expenditure of time or resources. And thus they exploit what already exists.
One of their favorite entry points to your agency’s network is through missing software patches. Armed with a list of known vulnerabilities, they throw everything they can against your firewall until they find an unprotected gap.
By patching these holes today, you cut off hackers main points of entry. A robust vulnerability management program keeps you informed of any network and software weaknesses so that you can fix them before it’s too late.
When you rely on individuals to backup their own data, you lay out a ransomware welcome mat. People are, unfortunately, notoriously unreliable about archiving data. That’s why you need a comprehensive data backup program to remove the human element from the equation.
No matter what the endpoint—laptops, tablets, phones, etc.—placing your data on the network provides more centralized security and protection. Offline, secure backups are also essential, and ensure that a determined hacker can’t encrypt your most important data and hold it hostage.
Turn On Intrusion Prevention
The best way to thwart ransomware attacks is to preempt and prevent them in the first place. Unfortunately, many organizations only enable security alerts. That’s not enough. Sure, it will notify you as an attack is happening, but by then it might be too late.
Enabling intrusion prevention for all network ingress or egress points allows you to catch the vast majority of these attacks. A next-generation firewall sees these attacks, blocks them from entering your environment and notifies you so that you can trace the source and remediate as needed.
Ultimately, scams are about targeting human weakness, and ransomware is no different.
Educate your employees about what to look for. Remind them not to click on any unverified links and to operate with a healthy dose of skepticism—particularly when it comes to suspicious emails threatening IRS audits or promising millions of dollars.
If phishing attacks or malicious emails are a favorite method of operation for hackers, then educated users are hackers’ Achilles’ heel. Ultimately, combining common sense and easy-to-implement security tools is the best protection against ransomware and its consequences for your agency.