Tips on how to avoid the Ransomware attacks
Here are some tips on how to avoid the Ransom ware attacks that hit several high profile places recently:
First make sure you have Current signatures on your Firewall: Fundamentally, you need to make sure all security updates to your firewall are on it, immediately!. Next Move to your computers and make sure that all the security updates have been done on them.
NOTE: If you don’t have a Next-gen class firewall, such as a Sonicwall, I would strongly recommend you to look into getting one. The firewall functionality that these provide over a Linksys, TP-Link, Asus, Netgear, etc is significant and frankly it was the only firewall that fully protected against the recent Wannacry attack.
You can also use Cloud-based sandboxing and Deep packet inspection for further protection. Both of these features are able to be implemented, if needed, on the Sonicwall devices I recommended.
Since over half of malware today is encrypted, you need a solution that can decrypt that hidden traffic for security analysis. Deep packet inspection of SSL/TLS (DPI-SSL) is a crucial requirement for any next generation firewall.
Email security: Also, in order to block attacks from malicious emails, you will want to ensure that all of your email security services are up to date. Since 65% of all ransomware attacks happen through phishing emails, this also needs to be a core security element.
Make sure you have Recoverable backups: Actively maintain and test backups of core network systems, applications and data as a worst-case contingency measure. Never ever depend on one backup method. Always have multiple on different technologies for your backups. I have personally seen cloud recover take an entire week to restore a file server. Understand your pain points and how much you can afford to lose in time and your data. Certainly talk to an IT professional who can help you wade through the options for protection.
Last but certainly not least - Education: A key element of avoiding ransomware is continually training employees to spot suspicious email and file attachments. Criminals depend upon spoofing end-users into taking actions that lead to breaches. Forewarned is forearmed.
Feel free to call me at 585-343-2713, I am glad to spend time to understand your needs and explain in detail what would be the best path for you.
I hope this helps protect yourself and your business.
Paul Marchese
CNE, CTNE, ASP