How to Stop Ransomware
Key Technologies and Security Best Practices
54% of organizations have been hit by ransomware – twice on average. So it’s critical that you have advanced protection technologies in place, combined with good user security practices to keep your organization secure.
Securing Your Endpoints
Stopping ransomware from gaining a foothold on your endpoint devices is vital. Look for the following key features:
Secures your endpoints with unique technology that stops ransomware in its tracks. CryptoGuard complements your existing security, stopping malicious encryption attempts.
- Effective against Wanna, Petya, Locky, Cerber and much more
- Stops file, disk and boot ransomware
- Automatically rolls back changes to impacted files – no loss of data
Stops attackers from taking advantage of vulnerabilities in order to distribute and install ransomware.
Detects and quarantines ransomware before it can run, without relying on signatures.
HIPS Behavior Analysis/File Analytics
Examines the components/structure of files for malicious elements and checks if it contains code trying to modify the registry.
Searches malicious code and blocks access to exploited web pages.
Securing Your Servers
Servers contain your organization’s most sensitive data, making them even more critical to protect. Look for the following key features:
CryptoGuard Anti-ransomware Technology
Protects your valuable server files by blocking processes that attempt to maliciously encrypt your data.
Restricts which applications are allowed to run, and can block Wscript – which is often used by ransomware.
Establishes a “default deny” policy on servers so that only trusted applications can run – stopping ransomware from gaining a foothold.
Restricts removable media access such as USB keys to eliminate the risk of infected media.
Malicious Traffic Detection
Detects traffic to known ransomware Command & Control servers and blocks it.
Stop Phishing Emails
Phishing emails are a common attack vector for ransomware. Make sure your users are prepared:
Simulated Phishing Attacks
Tests the preparedness of your organization against targeted phishing campaigns.
Customizable Phishing Campaigns
Match the content of the emails to your organization and industry – carefully localized for multiple languages. For example, run a campaign on HIPAA compliance and train your users on suspicious things to look out for.
Detailed Insight into User Performance
Identifies how many users failed, how susceptible they are to phishing attacks, average training passing scores and more
Nine best security practices to apply now
Good IT security practices including regular training for employees are essential components of every single security setup. Make sure you’re following these nine best practices:
1) Patch early, patch often
The sooner you patch the fewer holes there are for ransomware to exploit.
2) Backup regularly and keep a recent backup copy off-line and off-site
Offline and off-site means ransomware can’t get to it. With recent backups data loss can be minimized.
3) Enable file extensions
5) Don’t enable macros in document attachments received via email
A lot of infections rely on persuading you to turn macros on, so don’t do it!
6) Be cautious about unsolicited attachments
If you aren’t sure – don’t open it. Check with the sender if possible.
7) Don't have more login power than you need
Admin rights could mean a local infection becomes a network disaster.
8) Stay up-to-date with new security features in your business applications
For example Office 2016 now includes a control called “Block macros from running in Office files from the internet”.
9) Patch early, patch often!
Staying on top of patching is so important that we’ve called it out twice. Don’t let ransomware exploit a patched vulnerability.