Organizations worldwide are in the midst of a massive wave of ransomware attacks. In the last 3 months alone, the daily average of ransomware attacks has increased by 50%. As these attacks continue to mature both in frequency and intensity, their impact on business has grown exponentially. Claiming a new victim every 10 seconds, ransomware has proved to be a lucrative attack method for cybercriminals.
So what can organizations do to ensure they are less susceptible to ransomware attacks? Here are some tips to consider.
Ransomware best practices
Based on the information available on known first ransomware variants, such as WannaCry, NotPetya and TeslaCrypt, various best practices can be drawn up when it comes to ransomware prevention.
- Education: Training users on how to identify and avoid potential ransomware attacks is crucial. Many of the current cyber-attacks start with a targeted email that does not even contain malware, but a socially-engineered message that encourages the user to click on a malicious link. User education is often considered as one of the most important defenses an organization can deploy.
- Continuously data backups: Maintaining regular backups of data as a routine process is a very important practice to prevent losing data, and to be able to recover it in the event of corruption or disk hardware malfunction. Functional backups can also help organizations recover from ransomware attacks.
- Patching: Patching is a critical component in defending against ransomware attacks as cyber-criminals will often look for the latest uncovered exploits in the patches made available and then target systems that are not yet patched. It is critical that organizations ensure that all systems have the latest patches applied to them as this reduces the number of potential vulnerabilities within the business for an attacker to exploit.
Security Best Practice
- Endpoint protections: Conventional signature-based anti-virus is a highly efficient solution for preventing known attacks and should definitely be implemented in any organization, as it protects against a majority of the malware attacks that an organization faces.
- Network protections: Advanced protections in the enterprise network such as IPS, Network Anti-Virus and Anti-Bot are also crucial and efficient in preventing known attacks. Advanced technologies such as sandboxing have the capability to analyze new, unknown malware, execute in real time, look for signs that it is malicious code and as a result block it and prevent it from infecting endpoints and spreading to other locations in the organization. As such, sandboxing is an important prevention mechanism that can protect against evasive or zero-day malware, and defend against many types of unknown attacks on the organization.
Check Point Sandblast
Check Point’s Anti-Ransomware solution defends organizations against the most sophisticated ransomware attacks, and safely recovers encrypted data, ensuring business continuity and productivity. Anti-Ransomware is offered as part of Check Point’s comprehensive endpoint security suite, SandBlast Agent, to deliver real-time threat prevention to your organization’s endpoints.
Want to know more about Check Point’s SandBlast technology? Contact TD Security to discuss your customer’s specific situation.