Ransomware is an important phenomenon nowadays and dealing with it is a top concern of IT admins. This type of malware is capable of incurring enormous costs on businesses that rely on IT to carry out everyday activities so protecting against it became a hot topic in IT communities. From our experience, simple measures and the right technology, all packed in a multi-layered security strategy, are enough to protect against ransomware without investing big budgets. Here is our advice:
1. Train employees to identify suspicious emails and websites
Most ransomware arrives via email SPAM campaigns or malicious websites, so employee awareness in this respect helps a lot preventing ransomware infections. Users should learn how to detect suspicious emails, although attackers put a lot of effort into making them appealing. SPAM campaigns claiming to offer something for nothing and document attachments labeled as very important but sent by suspicious email addresses are easy to spot with the right training, and simple tests carried out from time to time.
2. Use anti-ransomware technology
Specialized anti-ransomware technology covers the gap left open by antivirus software unable to deal with zero-day and custom ransomware variants that have not been researched. Ransomware mimics user behavior very well and “benefits” from the latest obfuscation technology built to elude antivirus detection. It is environmentally aware, avoids sandboxes and virtual environments and can even detect antivirus engines. Specialized anti-ransomware does not rely on updates or common antivirus technology, but instead detects the ransomware based on the actions it takes on a machine. Such software is highly efficient in detecting and stopping ransomware, as well as protecting the files and allowing data recovery in case of ransomware incidents.
3. Use antivirus technology
Antivirus technology protects against common malware and reduces the chance of ransomware infections by stopping known variants before they run on your systems. Such technology should be used in conjunction with anti-ransomware technology for best protection.
4. Use backup to ensure business continuity
Any company should have a disaster recovery plan in place, and backup software is a critical part of it. When it comes to ransomware, you always lose the files between the last backup and the unfortunate incident. Since backup in real time is a problem for IT, many companies settle for daily backups of critical data. This may or may not be enough. Ideally, backup for disaster recovery should be combined with anti-ransomware technology to ensure that:
– You do not lose any files – as anti-ransomware technology restores the latest modified files, adding to whatever is being recovered from daily backups;
– You do not backup encrypted files – Yes, this is a major issue as the backup software does not have enough awareness to identify such files. The last thing you want is to have backups of encrypted data which cannot be restored and no clue about it.
5. Keep your systems up to date
Although the majority of ransomware does not have worm-like capabilities, WannaCry demonstrated once again that malware is evolving and included features that enabled it to spread. Having the systems and applications up to date reduces the risk of such incidents spreading.
Having a multi-layered security approach to the ransomware issue is a considerable effort for IT departments. Planning, implementation, testing and validation all take time and involve costs, but think about the cost a single ransomware incident can incur: for how long do you afford to be shut down? How much does it cost to recover from such events (data, reputation, lost deliverables, etc.)? Ransomware cost per incident exceeds the cost of implementing and maintaining a multi-layered security strategy for a medium enterprise.
How we can help
Our dedicated solution TEMASOFT Ranstop, is an anti-ransomware software that detects present and future ransomware, based on file access pattern analysis with a high degree of accuracy. At the same time, it protects user files so that they can be restored in case of malware attacks or accidental loss. TEMASOFT Ranstop is at the core of any multi-layered security strategy designed to protect against ransomware.
For more information, follow us on social media and subscribe to our newsletter.