Over the last few years, the number of users encountering targeted ransomware – malware used to extort money from high-profile targets, such as corporations, government agencies, and municipal organisations – increased by 767%.
With that in mind, here are 6 things you can do to defend against ransomware attacks:
- Assume you will be hit. Ransomware remains highly prevalent – no sector, country or organization size is immune from the risk. It’s better to be prepared and not hit than the other way round.
- Make backups and keep a copy offline. Backups are the main method organizations surveyed used to recover their data after an attack. Opt for the industry-standard approach of 3:2:1 (three sets of backups, using two different media, one of which is kept offline).
- Deploy layered protection. As more ransomware attacks also involve extortion, it is more important than ever to keep adversaries out in the first place. Use layered protection to block attackers at as many points as possible across an estate.
- Combine human experts and anti-ransomware technology. The key to stopping ransomware is defence in depth that combines dedicated anti-ransomware technology and human-led threat hunting.
- Don’t pay the ransom. Easy to say, but far less easy to do when an organization has ground to a halt due to a ransomware attack. Independent of any ethical considerations, paying the ransom is an ineffective way to get data back. If you do decide to pay, bear in mind that the adversaries will restore, on average, only two-thirds of your files.
- Have a malware recovery plan. The best way to stop a cyberattack from turning into a full breach is to prepare in advance. Organizations that fall victim to an attack often realize they could have avoided significant financial loss and disruption if they had an incident response plan in place.
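
As an added example (not part of the original article), the 3:2:1 rule from the backup item above can be audited per dataset against a backup inventory. The inventory rows, field names and dataset names are constructed for illustration, and the check follows the article's wording: three backup sets, two different media, one offline.

```python
from collections import defaultdict

# Constructed sample inventory (hypothetical field names): one row per backup set.
INVENTORY = [
    {"dataset": "finance-db", "media": "disk", "offline": False},
    {"dataset": "finance-db", "media": "tape", "offline": True},
    {"dataset": "finance-db", "media": "cloud-object", "offline": False},
    {"dataset": "file-share", "media": "disk", "offline": False},
    {"dataset": "file-share", "media": "disk", "offline": False},
    {"dataset": "file-share", "media": "disk", "offline": False},
    {"dataset": "hr-records", "media": "disk", "offline": False},
    {"dataset": "hr-records", "media": "tape", "offline": True},
]


def audit_321(inventory, required_datasets=()):
    """Return {dataset: [failed rule legs]}; an empty list means compliant."""
    sets_by_dataset = defaultdict(list)
    for row in inventory:
        sets_by_dataset[row["dataset"]].append(row)
    # Datasets that should be protected but have no backup set at all
    # would otherwise be invisible to the audit.
    for name in required_datasets:
        sets_by_dataset.setdefault(name, [])

    report = {}
    for name, sets in sorted(sets_by_dataset.items()):
        failures = []
        if len(sets) < 3:
            failures.append(f"only {len(sets)} backup set(s), need 3")
        media = {s["media"].strip().lower() for s in sets}
        if len(media) < 2:
            failures.append(f"only {len(media)} media type(s), need 2")
        if not any(s["offline"] for s in sets):
            failures.append("no offline copy")
        report[name] = failures
    return report


if __name__ == "__main__":
    for dataset, failures in audit_321(INVENTORY, ["mail-archive"]).items():
        print(f"{dataset}: {'OK' if not failures else '; '.join(failures)}")
```

Passing the list of datasets that must be protected matters as much as the three checks: a dataset with no backup sets never appears in the inventory, so it would otherwise pass silently.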