1.) Train your staff to be suspicious- Being suspicious in some cases do works and here’s the best reason to prove it. According to a study carried out by Kaspersky Labs 60% of ransomware attacks take place through email phishing. So, do not open email attachments or click hyperlinks in emails that are sent to you by anonymous. Remember, such attachments can contain malware which can transmit malware like ransomware into your network. In some cases when you know the caller, but weren’t expecting an email or message from his/her side, then just give a confirmation call or text to gain the confidence of the email credibility.
2.) Keep your systems up-to-date- Always make a point to keep your system updated with the latest security patches and make sure your systems anti-virus signatures are up to date.
3.) Blocking ports makes sense- Blocking SMB ports from external hosts reduces threat surface to a large extent. Blocking UDP ports such as 135,137,138 to prevent lateral movement within the network will also help in keeping your network free from malware attacks.
4.) Data Backup- Backing up data helps to keep business continuity alive in situations like in a cyber attack. Imagine, your database is locked by a ransomware. But you have a backup plan in place to keep your data continuity live. Won’t it prove extremely helpful …? Just think on it!
5.) Isolate critical data- Identifying and isolating critical data by using dispersal storage techniques helps in segmenting the data from the rest of the network under cyber attack circumstances. This also helps in annihilating the spread of malware to other departments. Also, segregation of duties between user and admin accounts helps in isolating your enterprise network from a large variant of ransomware attacks.
Note- June 27th,2017 witnessed a breakout of new ransomware on computers operating in more than 65 countries including Ukraine, Europe and some parts of Australia. The malware showed characteristics like a Petya ransomware but was a different one in reality. Security experts from Cisco Talos discovered that the malware was not developed to take data as a hostage for a ransom to be paid in Bitcoins digital currency. But was created to destroy the database or corrupt the entire database.
So, businesses should better be careful with such malware. Because data loss can shut down a business on a permanent note.