Ransomware attacks are growing by leaps and bounds. You can’t go a single week without hearing about another victim of a ransomware attack. What’s a user to do? eWeek has a post with five recommendations for actions to help limit the success of a ransomware attack. The recommendations are the compilation of suggestions by CIOs for dealing with ransomware.
- Better Management
- Cybersecurity Maturity
- Know Your Data
- Data Backups
- Involve Your Employees.
These are good suggestions. Too often, users believe that they will not be the target of a ransomware attack. We all need to up our security game and do a better job of protecting our systems. Backups are absolutely critical, but make sure they are offline and not accessible to the attacker. One of the tactics is to search out backups for the firm and encrypt or destroy them.
I would also add another item to the list. Implement an EDR (Endpoint Detection and Response) application. EDR is different than traditional anti-virus security suites. EDR products are much more sophisticated utilizing AI, machine learning, heuristics, etc. to monitor and control suspicious activity. Some even have the ability to roll back to a prior known good state (pre-infection) and work with a SOC (Security Operations Center) to analyze detrimental activities.