5 Cybersecurity Best Practices To Prevent Ransomware Attacks

Cybersecurity Best Practices

Apple, Acer, JBS, Kronos, Shutterfly, and Planned Parenthood are a few organizations to fall victim to some of the biggest ransomware attacks in 2021. As reported by Help Net Security, Ransomware attacks increased 148% in Q3 2021, showing no sign of slowing down.  

Loss of capital and days of business loss is devastating for any company, but particularly for smaller businesses, as over 50% of ransomware attacks target businesses with less than 100 employees. Sometimes the damage is irreparable when hackers leak sensitive data that severely damage the company’s reputation or divulges sensitive private data to its competitors.  

Regardless of the size of your business, here are five practical cybersecurity ways to protect yourself from such attacks.  

  1. Choose the right backup service provider and frequently back up all critical files. Choose a backup service provider that can guarantee immutable backups (to ensure ransomware can’t encrypt your backups) and easy access to unencrypted files via flexible but secure APIs. Create a manifest of files that are critical to your organization staying in business and frequently back up all critical files to the backup service provider. 
  2. Develop a recovery plan. While backing up critical files is a great first step, develop a formal plan for recovering files if a recovery process is needed. Document the conditions under which you should recover, who will carry out the recovery operations, how to identify what to recover, and how to recover identified files.  
  3. Train and Deploy an incident response team. Assemble a team of personnel with the express purpose of responding to a suspected ransomware attack. Also, train all users on how to recognize common ransomware attacks and provide a method for users to report suspicious messages or websites, and train users how to report anything suspicious. 
  4. Test your plan frequently. In addition to testing individual scripts, it’s important to test the entire recovery plan frequently. Ensure all participating personnel is comfortable with their roles and the plan flow. Frequent tests validate the plan’s effectiveness in changing environments and keep personnel fresh and ready to go.  
  5. Monitor critical files for suspicious changes. Implement file integrity monitoring on production filesystems to detect suspicious changes, such as those consistent with ransomware. As an added layer of protection, implement similar monitoring for backup locations. Any unauthorized backup changes or unusual changes to previously backed-up files should be noted. Ensure your backup service provider delivers alerts for suspicious backup changes.  

Nowadays, most organizations realize that merely enabling third-party mail filtering is not enough protection (attackers can easily bypass third-party gateway systems) and look at ransomware as a serious national and global problem that has impacted businesses and governments everywhere.   

The only solution is for Canadian companies to implement cybersecurity best practices to reduce their attack surface. Only then will ransomware groups decrease investments in resources, time, and money for launching campaigns that result in massive payouts. 

How We Can Help?

Click here to schedule a free consultation with a network specialist to go over your current cyber security plan and together we can implement sufficient protection against ransomware attacks.  

Subscribe to our NetagenConnect Newsletter Today. The NetagenConnect Newsletter aims to keep you updated to date with the latest technology that empowers your organization. Every Thursday, the latest issue is sent to over 2,500 technology leaders. Each message includes 3 short ideas to improve your technology stack, 2 short news snippets in the technology world, and 1 question for you to ponder.