GDT Webinar Series – How to Fail at Security? Reserve Your Spot

Ransomware: How to protect against it

Ransomware - How to protect

If you’re not familiar with how ransomware works, call the city of Atlanta’s IT department. On March 22nd, they were hit with the SamSam ransomware, which created, in effect, an encrypted wall that prevented employees from accessing needed data. It effectively ground city services to a halt. The city couldn’t collect parking fines and payments for city services. Police had to hand-write reports, which greatly hindered the force’s efficiency.
The cyber attackers threatened to wipe the city’s computers clean unless they coughed up a bitcoin-based ransom payment. It’s unclear whether the payment was ever made (slowly the city has been able to bring services back online), but the attack has cost the city an estimated $2 million to date. The attackers who introduced SamSam three (3) years ago have collected almost $1 million, and that figure will likely grow.
There are a number of ways organizations can protect themselves against ransomware. Nothing is sure-fire, though; it’s a high stakes cat-and-mouse game. In the case of SamSam, as with most ransomware, it learns and adapts from each new attack.

First, make sure you’ve implemented the following…

These security measures might seem simple and intuitive, but they represent the best defenses―when implemented collectively―against falling victim to ransomware.

  • Make certain antivirus software is installed and up-to-date on all endpoints of your organization. It’s a great first line of defense, but relying on it alone could be a fool’s paradise.
  • Back up all data on a regular basis, which can be accomplished via the cloud or local storage devices. Flash storage is based on high-speed, electrically programmable memory. It performs and writes data in a flash, and is a form of non-volatile memory that doesn’t require power to maintain its stored data. Flash storage is more durable, and not as susceptible to bumps and drops, which means data is stored and maintained more securely.
  • Create Group Policy (GPO) restrictions, which are simple and easy to implement. They can provide control over the execution of files, such as those from users’ APPDATA directories.
  • Make sure the latest security patches are installed on all third-party applications like, as examples, Adobe, Flash and Java.
  • Restrict administrative rights to a few, select employees. Organizations might believe they’ve been restrictive, only to learn that, after several years, hundreds of employees have been granted administrative rights.
  • Implement security awareness training. While the aforementioned are key elements for helping secure your organization from ransomware and malware, the biggest threat comes from a lack of employee education. Make sure users ask themselves, prior to opening a link or attachment, Do I know the sender? and Do I really need to open this link or file? If they don’t consider these questions, your organization could be ripe for the picking―or phishing―which is one of the most common entry gateways for ransomware.

Consider calling on the experts

Not proactively protecting your organization’s network and data against ransomware attacks is really a pay-me-now-or-pay-me-later proposition. If you choose to ignore it or believe you’ve got it all covered, it’s a good idea to consult with network security experts like those at GDT. They can help your organization ensure the necessary steps, solutions and hardware are in place to prevent it from falling victim to a ransomware attack.

Author

Share this article

You might also like:

Data is truly the lifeblood of business operations—as evidenced by the explosion of data, which is expected to swell from 120 zettabytes in 2023 to 180 zettabytes by 2025. The backbone of data center resiliency is secure, effective, high-performing data storage. Here’s how modern data storage solutions reinforce data center

Understand Software and Maintenance Overspend As anyone with visibility into business IT costs knows, it’s incredibly easy to overspend on software and maintenance without realizing it. The average organization uses upward of a hundred software applications. As a result, the asset portfolio becomes complex and disparate, driving up maintenance and

A resilient data center is no simple thing to maintain — which is why many organizations fail to evaluate their resiliency until it’s too late. Infrastructure complexity, resource limitations, and constantly evolving cyberthreats make it tough to stay on top of risk mitigation.  But without the proactive investment in a