Leadership Brief
Ransomware is an epidemic. Prevention is the best strategy. Don’t give up and pay the ransom.

1 Recommendations

Defense is the best option. Once users see the ransom notes, the damage has usually been done.

Training: Defense in depth starts with good security training for users: avoid suspicious links and sites, and don’t open attachments. Use third-party anti-phishing training.

Disable Macros: Disable macros by default in both local installations and Office 365. Instruct users to enable them only when necessary.

Edge Net Filtering: Use appliances or proxies that perform in-line scanning of web and email traffic to remove malicious attachments, and block access to nefarious sites and malvertising ads. Augment with real-time updates from cyber threat intelligence subscription services.

Endpoint Security: Deploy comprehensive endpoint security tools with:

  • Anti-Malware: Signature-based anti-virus has become largely ineffective, with polymorphic malware able to change the characteristics of malicious payloads to evade detection. Implement endpoint security packages that use heuristic/behavioral analysis techniques to look for and quarantine suspicious code, e.g. code that calls encryption libraries.
  • Privilege Management: Enforce least privilege for users and deny malware access to advanced OS functions.
  • Application Whitelisting: Prevent malware from using common desktop applications to perform Just-in-Time malware assembly and encryption.
  • Patching: Reduce the attack surface by ensuring that vulnerabilities within OSes and applications are mitigated as quickly as possible with rapid and automatic patching.
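
To make the heuristic/behavioral analysis in the Anti-Malware item concrete, here is an added example (not part of the original brief or of any vendor's product) of one such signal: a process that rewrites several low-entropy files into high-entropy ones within a short burst. The event format, thresholds, process names and sample data are assumptions constructed for illustration; the brief's own example of a signal is calls to encryption libraries, whereas this sketch watches the effect on file contents.

```python
import math
from collections import Counter, defaultdict

# Assumed thresholds for illustration; tune against real endpoint telemetry.
ENTROPY_THRESHOLD = 7.2   # bits per byte; encrypted data sits close to 8.0
MIN_FILES = 3             # distinct files rewritten before a process is flagged
WINDOW_SECONDS = 10.0     # burst window

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for empty input, at most 8.0."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def flag_suspicious(events):
    """events: (timestamp, process, path, bytes_before, bytes_after) tuples.
    Returns processes that turned low-entropy content into high-entropy content
    in at least MIN_FILES distinct files within WINDOW_SECONDS."""
    hits = defaultdict(list)  # process -> [(timestamp, path)]
    for ts, proc, path, before, after in events:
        if (shannon_entropy(before) < ENTROPY_THRESHOLD
                and shannon_entropy(after) >= ENTROPY_THRESHOLD):
            hits[proc].append((ts, path))
    flagged = set()
    for proc, writes in hits.items():
        writes.sort()
        for i, (start, _) in enumerate(writes):
            burst = {p for t, p in writes[i:] if t - start <= WINDOW_SECONDS}
            if len(burst) >= MIN_FILES:
                flagged.add(proc)
                break
    return flagged

# Constructed sample data: TEXT stands in for a document, CIPHER for ciphertext
# (uniform byte distribution, entropy exactly 8.0).
TEXT = b"Quarterly report draft, revision 3. " * 100
CIPHER = bytes(range(256)) * 16
SAMPLE_EVENTS = [
    (0.0, "unknown.exe", "docs/a.docx", TEXT, CIPHER),
    (1.5, "unknown.exe", "docs/b.xlsx", TEXT, CIPHER),
    (2.0, "winword.exe", "docs/notes.docx", TEXT, TEXT + b"one more line"),
    (3.0, "unknown.exe", "docs/c.pdf", TEXT, CIPHER),
    (4.0, "backup.exe", "backups/archive.zip", b"", CIPHER),   # one archive only
    (5.0, "sync.exe", "vault/1.bin", TEXT, CIPHER),             # slow, spread out
    (65.0, "sync.exe", "vault/2.bin", TEXT, CIPHER),
    (125.0, "sync.exe", "vault/3.bin", TEXT, CIPHER),
]

if __name__ == "__main__":
    print(flag_suspicious(SAMPLE_EVENTS))
```

Compressed archives and legitimately encrypted files are also high-entropy, which is why the check requires a burst across several files rather than a single write.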

Data backups: Data backups are essential to prevent information loss in case of ransomware attacks. Enterprises are usually very good at backing up server-based repositories, but sometimes miss data on desktops and laptops.

Sterilize and restore procedures: To decrease downtime in cases where ransomware attacks have succeeded, have automated procedures available to quickly flatten and reload operating systems and users’ applications, as well as user data.
