Best Practices for Dealing with Ransomware

Posted on Apr 19, 2016

Ransomware is today's malware-du-jour, and it's as bad as it sounds. With ransomware, your system is incapacitated, typically through a Trojan that encrypts your files or otherwise locks you out until you pay the extortionist's fee. Here, we examine a few cybersecurity awareness best practices to avoid the trap of these cybercriminals.

Cyber Threat Exchange - common defense is common sense

Backup Religiously
If you regularly backup your data at least nightly, and make sure all employees adhere to the backup protocols, the worst that can happen is you lose one day's worth of data. While in many businesses losing one day's worth of data is extremely costly, it is still exponentially better than losing a week or even a month's worth of data. The key is to have a backup drive that is connected only during the backup so that it is not able to be compromised. Another option is to use a cloud-based service.

Filter and Quarantine Incoming Executables
Currently, most threats come into an organization as an executable file (*.exe) through company email. But, in most cases, your typical email user has no need for an executable file, so you can set up an email gateway scanner to block and quarantine all incoming executables. In the rare case that the file is legitimate, you can simply release it to the recipient.

Show All Incoming File Extensions
Related to the point about executable files is the fact that many harmful files are made to look like harmless files using some sort of name to inspire trust or describing the file as a Word doc or pdf file when it is not. A good way to reduce this kind of risk is to turn off the default operating system viewing option so that all file extensions are shown. That way, if an email claims to include a pdf of a business report, but it is not in pdf format, the email recipient can clearly see that.

Disable Files Seeking to Run from Certain Folders
A third part of this same point is to disallow executables from running from App Data or Local App Data folders. Most legitimate executables run from Program folders.

Utilize NC4 Mission Center™
Having your data in a secure environment helps you avoid ransomware attacks. NC4 Mission Center is a managed service solution that gives public and private sector organizations a highly secure, web-based, cybersecurity awareness platform for secure communication and collaboration. NC4 Mission Center brings dispersed organizations flexible, compartmentalized data sharing environments configured with effective collaborative tools and functionality needed for exchanging critical information.

For more information on NC4 Mission Center, contact us today at 877-624-4999.

Latest Blog Posts

Blog Categories

Contact Us

Which of our solutions are you interested in?*