How Businesses Can Fight Ransomware Attacks? Six Ways to Protect Your Organization

By Apac CIO Outlook | Monday, December 03, 2018

Ransomware attacks are on the rise, and the malicious actors have learned that there is an effective way to mint money in a short amount of time. Attackers do not require any programming skills instead they can obtain the code from the hacker community thereby making it troublesome for the authorities to reach out and identify the attacker.

Many small and medium-sized organizations have been affected by it and have paid ransoms because they did not back up their data and did not have an option to recover it as well. Many times organizations have, or they are forced out of business. The most affected industry is healthcare as hospitals have to pay ransom if they did not back up the patient data as they need to retrieve the data promptly to access records of patients who require immediate care.

Therefore to protect the organization from a ransomware attack, it is essential to follow the steps mentioned below.

1. Employee training: The employees of an organization must be trained about what ransomware is and what methods these cyber actors adapt to initiate attacks- phishing attack. Training and mock tests should be conducted on a regular basis to keep a check and evaluate the employees.

2. Apply updates and patches: Weakness in systems is one of the easiest targets for cyber attackers. Organizations must make sure that they always apply updates and patches for any system as soon as possible. Delaying in this process is a welcome sign for the hackers. Patching progress, procedures, and policies must review for effectiveness monthly or quarterly.

3. Antivirus tools on endpoints: Multiple layers of security become a must. An organization must opt for implementing all the tools to protect their network for complete protection. These tools include anti-virus, anti-malware, anti-spyware, anti-intrusion. Organizations must have some web filter that can prevent the leak of sensitive data.

4. Backup and Test your data: It is essential for businesses to back up their crucial data. One must include recovery point objective (RPO) and recovery time objective (RTO) in their disaster recovery plan and must test it every year to verify that the targets are met or not. Also, it is essential to make sure that the backup data is protected from ransomware attacks.

5. Vulnerability assessments: The assessor must be aware of the ransomware attack and should consider the vulnerabilities is not just in the applications or servers; it might be in the organizational procedures and policies. These assessments should verify that the appropriate methods adopted to prevent ransomware are followed consistently, and therefore these assessments should be conducted annually.

6. Monitor and alert for suspicious activities: Monitoring a network is a continuous process and must be done daily. Most of the organizations have advanced tools and techniques, but as they do not monitor daily, it becomes ineffective. Any plan to prevent ransomware must include procedures for monitoring and alerting the concerned authorities.