This week’s blog features an article from our partners at StorageCraft: Ransomware Resolutions: 10 Ways to Make Your Business More Secure in 2021.
Well, 2020 is finally coming to a close. And, for most of us, it couldn’t happen soon enough. Rather than dwell on the negatives of 2020—and there are many—we’d like to put on our rose-colored glasses and look ahead to better times in 2021. Of course, when it comes to ransomware, that’s hardly likely to be the case. In fact, Q3 of 2020 saw a 40 percent spike in global ransomware—199.7 million attacks in all. So, just to make sure 2021 is a good year for you, at least in terms of ransomware, we’d like to share our recommended resolutions for a more secure, ransom-free year.
1: Keep Your AV Software Updated: That sounds simple enough. But in smaller organizations, it’s a step that’s sometimes overlooked. Whether your organization is large or small, now is the time to assess your current antivirus (AV) solution. A solid AV solution includes the ability to monitor your files, and spot and prevent files from being maliciously encrypted—the common denominator for all ransomware. While not foolproof, AV software is one more way to help make 2021 a better year.
2: Know Your Network: Breaches are sometimes hard to catch. The massive SolarWinds breach was caused by malware in releases between March and June 2020. But it wasn’t discovered until December 2020. SolarWinds showed that even the most sophisticated defenses may not be enough. That said, there are plenty of intrusion prevention and detection systems and security information and event management (SIEM) packages available that give you insights into the traffic on your network. With an up-to-date view of your network, you have a better chance of catching anomalies that could point to a hack—whether via ransomware or another form of attack.
3: Pre-Screen and Filter Emails: Social engineering schemes have gotten so sneaky that at some point almost anyone can be fooled. The easiest way to prevent someone from clicking on a ransomware link or downloading an infected file is to prevent the emails from ever arriving in your users’ inboxes. Use content scanning and email filtering tools to strengthen this first line of defense in 2021.
4: Create Your Disaster Recovery Plan and Test It: If you don’t already have a disaster recovery (DR) plan, get started now. We’ve provided you with a basic DR checklist here. If you already have a DR plan, make sure it’s up to date. Either way, your plan should be thoroughly tested to make sure it will work exactly as planned when you need it.
5: Don’t Pay Ransoms: While a ransom demand may seem cheaper than the costly downtime ransomware causes, it may not get you what you want anyway. There’s no guarantee the hackers will give you the encryption key when you pay up. They are criminals, after all. It also rewards this kind of misbehavior and further fuels the digital malware epidemic. Consider buying cyber insurance to pay ransoms and minimize the impacts of a successful attack.
6: Update Your Backup Strategy to Prioritize Your Data: Business-critical data needs to be restored first and fastest should it be compromised. Making sure that happens means setting priorities for all of your data (structured, unstructured, operating systems, and applications), backing up everything as frequently as necessary to meet your recovery point objective (RPO), and establishing a recovery strategy that meets your recovery time objective (RTO).
7: Know Who’s Using Your Network: The addition of so many devices connected to your network these days has brought with it new risks. Remote workers may not have the level of security you’d expect in a company-owned device. If someone gains access to a user’s device, they can potentially open a backdoor to your network and hit your high-value data. So set policies and procedures that require a specific level of security for all connected devices. And if you have suppliers or partners that connect to your network, have them do the same.
8: Train Your Team To Spot Ransomware: As noted above, it isn’t easy to know whether an email or attachment is legitimate or not. So in 2021 commit to training your users to recognize risky emails, and to never click on a link or download a document unless they are certain it is legitimate.
9: Change All Access Point Passwords: Cybersecurity company F-Secure says nearly one-third of ransomware was distributed via brute force attacks. In a brute force attack, hackers use bots to try as many passwords as possible against servers and other devices. If they get it right, you’re in trouble. Unfortunately, many companies never change default passwords, or they use easily guessed ones. Remote Desktop Protocol (RDP) attacks can be launched the same way, with attackers attempting to guess passwords in order to remotely gain control of internet-facing endpoints. With RDP, hackers can take control of connected PCs to launch their attack. Steps to reduce the risk from these kinds of breaches range from using strong passwords, to changing your RDP port, to limiting RDP availability to only the devices that must have access.
10: Keep Your Systems Current: Patching software can be time-consuming and tedious. It’s also critical if you’re going to make sure your systems are safe. Hackers are quick to seize on software flaws that might get them into your network. The best way to keep that from happening to you is to make sure all of your software patches are up-to-date, minimizing the amount of time your systems may be exposed.
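To make resolution 9 concrete, here is an added example (not from StorageCraft or the original article) of spotting password guessing against RDP in exported Windows logon events, including the case where a guess finally succeeds. The comma-separated layout, the sample records, and the threshold and window values are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records: time, Windows event ID, logon type, source IP, account.
# 4625 = failed logon, 4624 = successful logon; logon types 3 and 10 cover RDP.
SAMPLE_LOG = """\
2021-01-04T02:10:01,4625,3,203.0.113.7,administrator
2021-01-04T02:10:03,4625,3,203.0.113.7,admin
2021-01-04T02:10:05,4625,3,203.0.113.7,administrator
2021-01-04T02:10:09,4625,3,203.0.113.7,backup
2021-01-04T02:10:12,4625,3,203.0.113.7,administrator
2021-01-04T02:10:20,4624,10,203.0.113.7,administrator
2021-01-04T08:55:40,4625,10,198.51.100.20,jsmith
2021-01-04T08:56:02,4624,10,198.51.100.20,jsmith
"""

def find_bruteforce(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return one finding per source IP that reaches `threshold` failed
    logons inside `window`, noting any success that follows the burst."""
    recent = defaultdict(deque)  # source IP -> (time, account) of recent failures
    findings = {}
    for line in log_text.strip().splitlines():
        ts, event_id, logon_type, ip, account = line.split(",")
        if logon_type not in ("3", "10"):
            continue  # ignore console, service and other non-remote logons
        when = datetime.fromisoformat(ts)
        if event_id == "4625":
            q = recent[ip]
            q.append((when, account))
            while when - q[0][0] > window:  # drop failures older than the window
                q.popleft()
            if len(q) >= threshold:
                hit = findings.setdefault(
                    ip, {"failures": 0, "accounts": set(), "success_as": None})
                hit["failures"] = max(hit["failures"], len(q))
                hit["accounts"].update(a for _, a in q)
        elif event_id == "4624" and ip in findings:
            # A success shortly after a flagged burst is the urgent case:
            # the guessing may have worked, so treat the account as compromised.
            if when - recent[ip][-1][0] <= window:
                findings[ip]["success_as"] = findings[ip]["success_as"] or account
    return findings

if __name__ == "__main__":
    for ip, hit in find_bruteforce(SAMPLE_LOG).items():
        print(ip, hit["failures"], sorted(hit["accounts"]), hit["success_as"])
```

The single mistyped password from 198.51.100.20 stays below the threshold and is not reported, which is the difference between a user's typo and a bot.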