Many companies suffer from ransomware. This highway robbery is both intrusive and extremely annoying leaving you feeling like the only thing you can do is PAY up! Whether or not to pay or not is a completely different discussion for a different day however how to prevent it is not. See the simple steps below on how you can help prevent the ever dreaded high jacking Ransomware. The best way to protect yourself from it is to prevent it from getting into the network initially. Most of the AV filters will not prevent you from all of the different forms of Ransomware so additional actions should be performed.
- End user Education- Start with educating your users. Many forms of Ransomware enter your network through careless use of the internet and opening email attachments from sources they don’t know!
- Lock down your file shares- Locking down your files shares will help to prevent the spread of these nasty softwares. Many of them search out for shares with full access and will drop files there.
- Block Executables- Blocking executables from being sent and received via e-mail is critical. If you can manage it, block executables from being downloaded from the internet.
- Keep Multiple Backups- Backups is one of your headline defenses from these types of Ransomware. We all hope to not need our backups but we also hope to not need our seatbelts in the car but we wear them don’t we?
- Disable files running from AppData folders- These files run mostly from these AppData folders and temp folders. Locking down these directories is a very easy thing to do!
- Monitor your network- Keeping your Intrusion Detection Systems (IDS) and more importantly having an Intrusion Prevention Systems (IPS) in place is very important. Keeping it up to date is more important.
Long story short, when it comes to cryptolocker or its spawns like cryptowall can be detrimental to your organization in regards to file loss and disruption of services. Taking the above steps will only help to prevent infections and is no way 100%. The biggest prevention step you can take is to educate your users by running tests. www.knowbe4.com is a highly recomended software for running phishing tests with many free tools available for your use. Run the fake phishing e-mails and then provide the results to your users during your next scheduled security awareness training session.