SpearTip | July 9th, 2019

4 Simple Strategies To Consider When Planning A Ransomware Strategy.

With the numerous forms of ransomware that are spreading throughout the world, my inbox has been overloaded with questions, concerns and requests on how best to protect against this very serious threat. Rather than respond to the deluge of questions individually, I thought it best to start the conversations here. So, I’ll be breaking away from our usual format to provide you with a solid foundation on how to begin your cybersecurity strategy.

1. Anticipate Rather Than React.

While it may sound a bit self-serving, we highly recommend using an outside resource, such as my company SpearTip, for this phase of your protective strategy. Many companies get comfortable with their security efforts. They do their normal scans, follow normal compliance regulations, and if no known threats present themselves, company executives consider their organizations safe. Nothing could be further from the truth. Always look for the unexpected. Look for the anomaly. Seek out whatever seems out of the ordinary and investigate it immediately. Today’s cyber criminals represent the most sophisticated population of persons living outside the law in the history of the world. They know how and where to hide their programs within your systems, and how to avert your security, your firewalls and your programs.

2. Backup. Backup. Then Backup Again.

Any time you’re protecting yourself from a threat, your first rule should always be common sense. Nowhere is that more important than when it comes to ransomware. Backups can be lifesavers in the event of an attack. Backup everything every night. Use three different styles of backup. Your third and final copy should be stored offsite on a freestanding, quarantined drive, cloud or system that is not tied to your network in any way. By keeping your final backup in its own universe, and using it for your most critical data, you’ll have a safety net in the event you suffer a breach aimed at making your data irretrievable. Daily backups take time, commitment and dedication, but they offer a form of security that’s extremely hard to match.

3. Secure E-mail and Educate Employees.

E-mail remain your most vulnerable point of entry and the prime target for most cyber predators. While spam filters, and antivirus is a great step to catch the large majority of threats, it only takes one e-mail getting through to ransom an environment. Traditional spam filters and antivirus programs are no match for a sophisticated cybercriminal who wants to invade your network. So, you need to go to the next level for security, with sophisticated programs designed to detect both internal attackers and malware behaviors. But more important than addressing hardware and software needs is the ability, willingness and ongoing commitment that comes with training your employees. Human error is hands down the number one reason for ransomware breaches. While e-mail was once the haven for basic phishing schemes, e-mail now represents the primary carrier for ransomware, with the malicious code usually concealed within an attachment or executable file. With a simple, innocent and unknowing click, an employee can infect and effectively disable your entire network without even knowing it. Consequently, education is mandatory. Teach employees how to spot phishing e-mails, how to identify fictitious websites, and to never download executable files without some type of review structure in place. Where user training fails, be sure follow up with technology built from the ground up to secure your environment so that it can be properly monitored.

4. Have an Incident Response Plan in Place.

Ransomware is an unfortunate reality for business. So, have a battleplan in place for what you will do if your business is immobilized by a ransomware attacker. Cover every step, from how you’ll address your systems to how you’ll deal with the cyberthreat who wants a payoff. If you don’t know where to begin, bring in a cybersecurity expert. Cyber risk represents your greatest threat these days. That means you have to address the risk and address what your organization will do. These four points represent only the tip of the iceberg. If you need more answers, reach out to SpearTip or another cybersecurity specialty firm. Just be sure to reach out. The risks are simply too great to leave your business unprotected.