Ransomware attacks cost companies over $100 billion a year. Making matters worse, the overwhelming majority of ransomware attacks now include a threat to leak stolen data if the ransom isn’t paid, a technique called “double extortion.”
Cybercriminals like ransomware because the entry barrier is exceedingly low — if you don’t know what you’re doing, you can always buy a “ransomware-as-a-service” solution off the Dark Web — and the paydays are lucrative.
Preventing ransomware attacks requires a layered approach that combines security defenses with proactive measures to prevent ransomware from taking hold in the first place. Here are 5 tips.
1. Perform regular system backups
Long the gold standard of ransomware recovery, system backups don’t provide as much protection as they once did because of double extortion: restoring from a backup does nothing about data that has already been stolen. Additionally, many next-gen ransomware strains seek out and destroy backups. However, secure backups still play a vital role in restoring systems after a ransomware attack, as well as after hardware failures and natural disasters. Utilize at least two different backup methods, each stored at a different location.
2. Segment your network
Network segmentation, which involves parceling off a larger network into smaller segments using firewalls, virtual LANs, and other techniques, doesn’t prevent cyberattacks from happening. However, it does stop malware or human intruders from moving laterally within your network — a key factor in double extortion ransomware attacks. Cybercriminals can’t exfiltrate what they can’t access. Segmenting is typically done by function, such as separating customer-facing services from internal apps, or by data type, such as separating regulated data from non-regulated data.
3. Conduct regular network security assessments
Most compliance standards, including NIST, HIPAA, and PCI DSS, mandate that organizations perform penetration tests and vulnerability scans at certain intervals. Typically, they require organizations to run vulnerability scans quarterly and perform penetration tests annually. However, these are the bare minimum requirements. There are many circumstances under which more frequent scanning or pen testing is warranted, such as whenever an organization makes a major change to its data environment.
4. Conduct employee security training
It happens every day: Millions of dollars’ worth of security technologies are defeated because an employee clicked on a phishing link. Just as employees who work in industrial environments must undergo safety training to operate machinery, knowledge workers must be trained to operate computers safely. Because the cybersecurity threat environment is always changing, employee cybersecurity training is a process of continuing education. Among other things, organizations need to regularly conduct simulated “phishing attacks” to gauge employee awareness and knowledge. Employees also need to know whom to contact, and how to get in touch with them, if they encounter a security issue or have a question.
5. Get your password security under control
Even before remote work became widespread, over 80% of data breaches were due to compromised passwords. As remote work exploded in popularity, brute-force attacks targeting remote desktop protocol (RDP) connection credentials rose exponentially. The majority of ransomware attacks now involve either RDP credential compromise or phishing — in other words, compromised passwords. Organizations need to implement robust password security protocols, including requiring employees to use strong, unique passwords for every account and to enable multi-factor authentication (MFA) wherever it’s supported.
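A defender-side illustration of the RDP brute-force pattern mentioned above, added here as an example and not part of the original post or of Keeper’s product: it counts failed RemoteInteractive logons per source address in a sliding time window over constructed log lines. The key=value export format and its field names are assumptions.

```python
"""Flag RDP password guessing in constructed Windows Security log lines.

Added example, not Keeper's code. Assumes events exported one per line in a
simple 'key=value' format (field names are assumptions). Event ID 4625 is a
failed logon and logon type 10 is RemoteInteractive, i.e. RDP.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample export: one event per line.
SAMPLE_LOG = """\
2024-03-01T08:00:01 EventID=4625 LogonType=10 User=admin SrcIP=203.0.113.7
2024-03-01T08:00:03 EventID=4625 LogonType=10 User=administrator SrcIP=203.0.113.7
2024-03-01T08:00:05 EventID=4625 LogonType=10 User=jsmith SrcIP=203.0.113.7
2024-03-01T08:00:07 EventID=4625 LogonType=10 User=backup SrcIP=203.0.113.7
2024-03-01T08:00:09 EventID=4625 LogonType=10 User=sql SrcIP=203.0.113.7
2024-03-01T08:00:11 EventID=4625 LogonType=10 User=root SrcIP=203.0.113.7
2024-03-01T08:15:00 EventID=4625 LogonType=10 User=alice SrcIP=198.51.100.4
2024-03-01T08:16:00 EventID=4624 LogonType=10 User=alice SrcIP=198.51.100.4
2024-03-01T08:20:00 EventID=4625 LogonType=3 User=svc SrcIP=192.0.2.9
"""

def parse_line(line):
    """Return (timestamp, fields) for one event line."""
    ts, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    return datetime.fromisoformat(ts), fields

def rdp_bruteforce_sources(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return {src_ip: distinct_users_tried} for every source that produced
    at least `threshold` failed RDP logons within any span of length `window`."""
    failures = defaultdict(list)  # src_ip -> [(timestamp, user), ...]
    for line in log_text.splitlines():
        ts, f = parse_line(line)
        if f.get("EventID") == "4625" and f.get("LogonType") == "10":
            failures[f["SrcIP"]].append((ts, f["User"]))
    flagged = {}
    for src, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Advance the window start until events[start:end+1] fit in `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged[src] = len({u for _, u in events[start:end + 1]})
                break
    return flagged
```

The single failure from 198.51.100.4 followed by a success (4624) is a normal mistyped password, and the type-3 network logon from 192.0.2.9 is ignored because it is not an RDP session.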
Prevent Ransomware Attacks with Keeper’s Enterprise Password Management Solution
Keeper’s enterprise-grade password management platform helps prevent ransomware attacks by providing IT and security administrators complete visibility and control of employee password practices, enabling them to enforce password security policies organization-wide.
Additionally, fine-grained access controls allow administrators to set employee permissions based on their roles and responsibilities, as well as set up shared folders for individual groups, such as job classifications or project teams.
Keeper deploys quickly, is simple for all employees to use, and scales to the size of your organization. Find out how Keeper can help you prevent ransomware incidents and other password-related cyberattacks; attend a demo, and we’ll give you a FREE three-year personal Keeper plan!