PROTECT YOUR ORGANIZATION FROM RANSOMWARE

How to Protect Your Organization from Ransomware | 2020-04-27 | Security Magazine

What is Ransomware?

Ransomware is a type of malware that encrypts a victim's files. The attackers then demand a ransom(extortion money or some asset) to restore access to the data upon payment.

There are two main types of ransomware.

  1. Crypto Ransomware
  2. Locker Ransomware
Crypto Ransomware encrypts valuable files on a computer and default users can not access them.

Locker Ransomware does not encrypt files, it locks the victim out of their device. And demand ransom to unlock the device.

How Ransomware works

One of the most common delivery systems is Phishing spam attachments that come to the victim in an email. Once the victim open or downloaded, attackers can access the victim's computer. Especially from social engineering tools, they can make users into allowing admin access. There are many things the malware may do, once they get access to the victim's computer.  Most common action is encrypting files of the victim's pc and requesting ransom to release it. But some forms of malware shutting down the computer presence of pornography or pirated software on the victim's computer. And attackers threaten victims to pay the ransom unless publicize the sensitive data. But extracting such information is a bit hard. Encryption ransomware is by far the common type of ransomware.

Best practices to protect from ransomware

  • Educate Employees:    

 IT professionals can easily spot fake and spoofed emails pretty easily. The best thing is to gather some examples of the types of phishing emails and educate users to identify those. And it is important to educate IT staff to identify phishing emails very quickly and take necessary actions.

  • Take backups                                                                                                                       

Getting backups may be hard. it needs a double charge to store backups. You do not want to be frustrated if your data has been a loss. So invest in the right purposes. Backup the databases and related files in a local backup drive or you can use cloud also.

  • Lockdown the open network shares

Sometimes when ransomware inflected to some computer and looking for open network shares to attack other pcs also. Thay may be more dangerous. To minimize the risk remove the everyone group from share permissions and create user groups. The system administrator has only access to share folders through those groups.

  • Use up to date anti-virus software

As your organization has paid anti-virus software, there can be ransomware which won't be caught by the anti-virus. But to minimize the risk you should have an antivirus installed on your pc as well as the employee's desktops. And it is necessary to update with new features. Do not allow it to expire.

References:

  • https://www.kaspersky.com/resource-center/threats/ransomware-examples
  • https://www.csoonline.com/article/3236183/what-is-ransomware-how-it-works-and-how-to-remove-it.html
  • https://www.carbonite.com/blog/article/2016/08/protect-your-company-from-ransomware-six-best-practices-for-it-pros





Comments

  1. Prabod_DunuwilaDecember 3, 2020 at 6:27 AM

    I think as a good practice, the organizations can also encrypt their data with a backup in place, so that even if the attackers get the access to data, the organization will be able to use the backup data without paying ransom.

    ReplyDelete
    Replies
    1. Rajitha GamageDecember 10, 2020 at 1:04 AM

      Yes, prabod. Backup is the best way to keep our data in secure manner.

      Delete
  2. Santhoopa JayawardhanaDecember 5, 2020 at 11:03 PM

    With the increasing rate of cyberattacks in the world it is of upmost importance for organizations to protect against these types of ransomware attacks. This article gives a good explanation on how ransomware works.

    ReplyDelete
    Replies
    1. Rajitha GamageDecember 10, 2020 at 1:05 AM

      Thank you for your motivation santhoopa. It makes me motivate.

      Delete
  3. Osura WeerasingheDecember 9, 2020 at 1:00 PM

    I think educating the employees/users would be the most effective strategy when dealing with these type of attacks. Downloading content from untrusted sources makes it easier for ransomware to get into the victim's machine this could be seen in many recent cases.

    ReplyDelete
    Replies
    1. Rajitha GamageDecember 10, 2020 at 1:08 AM

      Yes Osura, If all the employees know how attack happen the risk will be mitigate and they can get necessary actions for those.

      Delete
  4. Ruvy RathnayakeDecember 10, 2020 at 2:35 AM

    Very informative post Rajitha

    ReplyDelete
  5. KaweeDecember 10, 2020 at 8:49 AM

    By looking at the best practices to protect from ransomware I understood that it should be a collaborative effort from all the employees in an organization

    ReplyDelete
    Replies
    1. Rajitha GamageDecember 10, 2020 at 7:49 PM

      Yes Kawee, if all the employees didn't do something wrong and take necessary actions then data will be secure at all.

      Delete

Post a Comment

Popular posts from this blog

REVOLUTION TO 5G

Image
  What is "G"  That 1 G, 2G, 3G,4G and 5G are different generations of mobile networks, 1980 to 2020. "G" convey the meaning of the generation. As shown in the above image, every decade, a new generation was introduced with a specific set of standards with each generation. Especially the speed of those networks is increased. Journey From 1G to 5G 1G 1G was the first generation and it was the wireless telephone technology introduced in 1980 and completed in early 1990. Its speed was up to 2.4kbps. It allows the voice call in only one country. 1G network was using only analogue signals. what do you believe that compared to today's world and in 1G technology?. Amps were first launched in the USA in 1G mobile. Although 1G was the biggest revolution of its time. But in 1G there were a lot of drawbacks such as poor voice quality, the poor battery life, no security anybody can hake your limited capacity and poor handoff reliability. Because of that world move to the 2G...
Read more

SOCIAL ENGINEERING

Image
What is Social Engineering? Social engineering is that the term used for a broad vary of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into creating security mistakes or giving freely sensitive data. Social Engineering techniques Social engineering may happen in different forms anywhere where human interaction is involved. There are five most common forms of digital social engineering techniques. Baiting Scareware Pretexting Phishing Spear Phishing Baiting The way attackers do suits with English mean of the baiting. Actually, in Baiting, attackers find something the victim greed or curiosity. After making a friendship with the victim, trap the victim and steal their personal information or inflicts their systems with malware. The most reviled form of baiting uses physical media such as an infected flash drive.  But through online also attackers may attack using baiting. In this way, attackers might use some advertise...
Read more

NEED OF SIEM TOOL FOR ORGINIZATION

Image
  What is SIEM? SIEM stands for Security, Information and Event Management and it's pronounced SIM, "E" is silent when pronouncing. The main purpose of SIEM is, it is a system that collects log files, security alerts and events into one place. So security teams can more easily analyze data. An in another way you can think of a SIEM as a log management system specialized for security. How does SIEM work? SIEM collects all the information from other security systems like endpoint security, endpoint security, firewalls, intrusion detection systems. The logs and alerts from these systems needed to be stored centrally. So that analysts didn't have to go to each individual security product to conduct the investigations. Above image shows the tasks done from SIEM tool.  SIEM offer powerful log search features, the ability to trigger alerts using rules and reports that organizations can provide to auditors to demonstrate compliance with various regulations. The new SIEM is up...
Read more