Top 5 ways to avoid ransomware
Ransomware isn't going to abate in 2018 - what are the best ways to avoid it?
Ransomware is here, it's a very real threat, and as indicated by our research, it's not going anywhere - at least into 2018.
With this in mind, what are the best ways to avoid - or at least heavily mitigate - a ransomware attack on your enterprise? We've put together - with the assistance of some industry experts, as well as our own findings - the definitive guide. What are the main things your organisation should be doing to avoid ransomware?
Skill up
It can't be stated enough how important it is to properly educate your users on simple vigilance.
Computing research shows that 66 per cent of ransomware attacks are identified before they make an impact - and yet that impact is still made. In a good number of cases, simply not clicking a bogus PayPal, Amazon or fake intranet link could have averted disaster.
However, it's not all about education; users also need support from the right basic tech, as Paul Edmunds, head of technology at the National Crime Agency, tells us:
"Better education is very important - it's about awareness. Some of these emails are really good - you can't necessarily tell they're ransomware. General awareness can push down the risk," he concedes.
"But also, don't rule out proper antivirus and security devices. Antivirus solutions are pretty good at picking up on malware signatures, and so being able to update [software] quickly can really help as well," Edmunds advises.
Don't rely on just one anti-virus or firewall product
While we've just established that good software can be a fine way to back up enhanced staff knowledge of threats, Edmunds observes that employing a spread of products and services in this regard is essential:
"A few years ago, people put a walled garden up, and put most of their effort into protecting that wall, but it's becoming more and more recognised now that that's not sufficient.
"You can't consider the office network as a physically secure environment anymore, which means you'll have to take a different approach of depth to protect against the spread of malware and ransomware. It means protecting data on devices. And despite all this, attackers will be successful sometimes - prevention is indeed moving to detection".
Don't just do security as a tick box exercise
A security architect in a finance company told Computing, as part of our recent research, that frighteningly, many company boards still aspire to nothing more than being 'not that bad' in comparison to peers, rather than trying to actively fight malware.
"You would expect [the board] would sit up and listen to our advice and put it into action, but the actual implementation or actions very, very rarely happen.
"So they wanted somebody to validate 'I'm not that bad, I'm sort of about the same as my peers'."
Rather than investing in "organisational capability and processes", this architect lamented that a business would still rather put spare cash into updating existing infrastructures which are already lacking, but just about getting the job done.
This is clearly very dangerous practice.
Install every update - and keep your OS up to date.
It sounds unbelievable, but many organisations are still lagging behind on keeping their security patching up to date. But with the landscape changing so fast, it's now of paramount importance to do this.
"Patching vulnerabilities out of the system cuts down the options [attackers] can use," advises Edmunds.
"When you look at the botnets repurposed for DDoS, and there are millions of machines taken over and used, the majority of those machines tend to be at lower patch levels, and even older operating systems. New patches and systems are less vulnerable - the statistics bear that out."
If ransomware hits - limit the impact
All is not lost if and when you actually become a victim. Edmunds, again:
"Companies who had networks that were segregated tended to fare better than those with flat networks that allowed malware to go all over the company," he says.
"Limiting access controls and what can be run, and who can run stuff on different servers is also a wise approach."
Edmunds suggests in-depth segregation is important on enterprise networks, as is the age-old idea of simply keeping backups:
"Backups are hugely important here - you don't want to be in the position where you have to consider paying the ransom."
Computing research shows that, currently, 31 per cent of UK enterprises would consider paying up after a ransomware attack.