Prevention is more effective than remediation
There are a number of measures businesses can take to reduce the likelihood of attacks such as ransomware making their way onto the corporate network.
Security Controls – these are a critical part of an organisation’s defences. They should include email filtering, web filtering and a corporate anti-virus solution that includes ransomware detection capabilities.
Have robust back-ups in place – regularly back up files and data to an offline location (such as tape) that can’t be touched by, for example, ransomware. This will leave organisations better positioned to mitigate the impact of a ransomware attack.
Staff education and training – this is absolutely critical within organisations of all sizes to ensure that knowledge of attacks is shared. Employees can be educated to watch out for the tell-tale signs and flags of a potential ransomware infection, whatever the delivery mechanism. This can be aided massively by a simulated and targeted attack against your organisation.
Never pay the ransom – under absolutely no circumstances should the ransom be paid. If you pay the ransom you will open yourself and the organisation up to becoming a key target for wider attacks, and there is absolutely no guarantee that your files will actually be decrypted. After all, would you rely on a criminal’s promise?
Desktop applications – these are often overlooked by organisations and represent a major attack vector. This will only continue into 2017. Our Chris Cooper (Security Team Leader) discussed this risk in greater detail in a webcast that is available on demand.