Healthcare and Education sectors remain common ransomware targets 

 |  Nurah

What is ransomware? 

Ransomware is a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files. A criminal group will then demand a ransom in exchange for decryption. The computer itself may become locked, or the data on it might be encrypted, stolen or deleted. The attackers may also threaten to leak the data they steal. 

In August, ransomware attacks had spiked globally to over 1.2m incidents a month, a month that remained low for confirmed attacks compared with earlier this year. Common sectors are healthcare and education, as this is where you can’t afford to have that data leaked due to data protection laws. 

The first line of defence is to ensure your networks are robust and impenetrable. Infrastructure leads will be responsible for ensuring this through methods such as HealthCheck on the internal systems, phishing and cyber training, and ensuring the execution of security updates as soon as possible.

On the security side, monitoring and blue team operations on the infrastructure can really shut down any malicious attempt to entry, or actual entry of the network. Therefore, frequent stress testing of the network can also ensure you are finding any gaps yourself before they’re exploited by attackers. By being proactive and reactive, it will ensure the chances of ransomware attacks are kept low. 

How to prevent ransomware? 

  1. Back up your most important files on a regular basis: Ideally, backup activity should be diversified, so that the failure of any single point won’t lead to the irreversible loss of data. Using immutable storage helps to prevent ransomware encrypting backups because it cannot be overwritten. Store one copy in the cloud, and the other on offline physical media, such as a portable HDD…4.
  1. Personalize your anti-spam settings the right way: Most ransomware variants are known to be spread via eye-catching emails that contain contagious attachments. It’s a great idea to configure your webmail server to block dubious attachments with extensions like .exe, .vbs, or.scr. 
  1. prevent malware from running on devices: centrally manage devices in order to only permit applications trusted by the enterprise to run on devices and don’t enable macros, for example; some ransomwares are distributed in Office documents that trick users into enabling macros. 
  1. prepare for an incident: Identify your critical assets and determine the impact on these if they were affected by a malware attack. In addition, determine how you will respond to the ransom demand and the threat of your organisation’s data being published. 

We offer a full infrastructure support package with full liaison with our security team. Let us empower you to take control of your cyber security. To get started finding weaknesses in your own infrastructure, contact us or Book your IT & Cyber Security Audit today. 

Subscribe to Our Newsletter

D2NA

500 King Street, Longton, Stoke-on-Trent, ST3 1EZ

Need Help?