In this contributed article, Drawbridge CISO Simon Eyre highlights the continuing – and growing – threat of ransomware. He also offers four steps to combat ransomware, which are summarized below.
Four steps to combat ransomware
- Preparation and testing (“It’s critical to be able to access [the incident response] plan at a moment’s notice, so make sure that there is a physical copy available (as well as anything stored on servers and networks). It might seem a bit anachronistic to prepare for a digital assault with a piece of paper, but if an attack succeeds in locking you out of that file, what will you do then?”
- Senior buy-in (“When so much of ransomware is based on fast access to sensitive networks, it is imperative that everyone, from top to bottom, understands basic cyber hygiene principles and invests in maintaining (and indeed enhancing) their security education.”)
- Training (“With more people working remotely, companies need to protect not just corporate networks in the office, but the endpoints their staff are using from a variety of different locations. That means adapting policies and procedures, rethinking how you look at securing perimeters and implementing approaches that support people to work where they need to, without compromising security.”)
- Mitigation (“Your incident response plan will provide further details on what to do, which could include informing customers, investors, shareholders, regulatory bodies and other government agencies, depending on the nature of the attack and what has been targeted. There could also be a need to liaise with insurance providers, who may offer services relating to ransomware attacks.”)
Should you pay the ransom?
It may seem convenient to end a ransomware attack and move on by simply paying the demanded fees, but did you know that doing so may invalidate some cyber insurance policies – and may even be illegal in some jurisdictions?
“Every time businesses think they’ve found a way to protect themselves, cyber threats evolve – and ransomware is no different.”
Read the full text of the article on Cyber Security Intelligence.