Ten Steps to Protecting Against Ransomware
Cyber-attacks have been growing and becoming more notorious in society for both individuals and companies. According to the Panorama of Cyber Threats in Puerto Rico published by our business partner FortiNet in 2020, 152 million attempted cyberattacks were registered in the country. Cybercriminals demonstrated the ability to invest time and resources in more lucrative attacks such as ransomware. Another important fact is that these attacks have adapted to the new era of remote work with more sophisticated actions to deceive victims and access corporate networks.
According to a recent report from our business partner FortiNet, the cost of a single ransomware incident averages around $713,000.00 if the costs of paying the ransom are calculated along with the related losses. However bleak this news may sound; organizations have a way to effectively defend themselves against ransomware. For this reason, you must know some of the best practices to prevent as many attacks as possible and then take the appropriate precautions to minimize the impact of any attack. Here are the ten FortiNet-defined resources that WorldNet recommends for companies to implement anti-ransomware strategies:
- Define your attack surface: Begin by identifying all the systems, devices, and services in your environment that you trust to conduct business and maintain active inventory. Not only does this process help you identify your most vulnerable targets, but it should also help you draw your system’s baseline for recovery.
- Patch and update your vulnerable devices: Establishing and maintaining a regular update protocol is just one of the basic best practices. Since not all systems can be taken offline for patching or upgrading, they must be replaced or protected using strict proximity controls and isolation or zero-trust strategy.
- Update your security systems: Businesses should ensure that all their security solutions are running the latest updates.
- Segment your network: Network segmentation ensures that compromised systems and malware are contained in a specific segment of the network. This includes isolating your intellectual property and personally identifiable information from employees and customers.
- Secure your extended network: Ensure that the security solutions deployed in your core network are replicated across your extended network, including operational technology (OT) networks, cloud environments, and branch offices, to avoid security breaches. Also take the time to review any connections from other organizations (customers, partners, suppliers) that touch your network.
- Isolate your recovery systems and back up your data: You should take regular data and system backups and, equally critical, store those backups off the network so that they are not compromised in the event of a breach.
- Run recovery drills: Regular recovery drills ensure that backed-up data is available, all necessary resources can be restored, and all systems are operating as expected. It also ensures that chains of command are in place and that all individuals and teams understand their responsibilities.
- Leverage Outside Experts: Establish a list of trusted experts and consultants that you can contact in the event of a compromise to help you through the recovery process. When possible, you should also involve them in your recovery drills. At WorldNet, we have experienced staff who can assist you in the process.
- Pay Attention to Ransomware Events: Stay on top of the latest ransomware news by subscribing to threat intelligence services and news sources, make it a habit for your team to learn how and why systems were compromised, and then apply those lessons to your environment.
- Educate Employees: Rather than being the weakest link in your security chain, your employees should be your first line of cyber defense. Because ransomware typically begins with a phishing campaign, you must educate them on the latest tactics cybercriminals are using to mislead you, whether they are targeting corporate, personal, or mobile devices.
Being educated on the subject, with the correct tools and continuous monitoring can significantly reduce the chances of being the target of a cyber-attack. WorldNet and FortiNet have the resources, experiences, and technologies to help them in such an important area of the organization. If you want to know more about the subject, we invite you to see the complete document in the attached link. You can also contact us at 787-705-9000 and one of our experts will assist you in the process of designing the ideal security solution for your business.