Ransomware has been a growing threat year after year.\u00a0 In fact, according to CyberSecurity Ventures, it is predicted that ransomware is expected to take a great share of the 6 TRILLION dollar cybercrime industry by 2021.\u00a0 Often times, organizations do not have adequate ways to combat this threat.\u00a0 Many IT managers think that anti-virus software is the cure-all, and unfortunately, it is very easy for predators to fool anti-viral software.<\/p>\n
In this article, we will address how ransomware works, and then follow up with ways to address each scenario.<\/p>\n
Employee interactions with emails that appear to be legitimate have been an issue for over a decade and continue even today to trick individuals into thinking as such.\u00a0 The two main ways a hacker tries to infect a host is via links within the email and attachments.<\/p>\n
While there are many sub-subjects related to addressing relaxed password policies, there are two primary ways a hacker can gain access themselves and deliver a payload that can potentially spread to your overall infrastructure.<\/p>\n
Hosted Email Security Gateway<\/strong> \u2013 One of the most crucial ways to combat ransomware attempts is to have protection in the infrastructure layer before emails are delivered to the end-user.\u00a0 One great way is a hosted email security service<\/a>.\u00a0 Such as service is built for the enterprise and is constantly updated with new threats. It also provides a host of other benefits that every organization should consider.<\/p>\n Disable Administrator\/Root Accounts<\/strong> \u2013 This is a very easy step for organizations to take and adds another layer of guess work for a potential hacker.<\/p>\n Establish Specific Password Policies<\/strong> \u2013 There are many software\u2019s built for the enterprise that you can utilize to help manage your passwords in addition to providing other security features for your infrastructure.\u00a0 This software can help enforce policies and provide a number of benefits including:<\/p>\n If all else fails, have siloed backups<\/strong><\/p>\n An organization can only do so much to protect themselves.\u00a0However, even with all the measures mentioned, there is still a chance of intrusion.\u00a0 When this happens, never pay the ransom!\u00a0 Instead, you should rely on your managed backups<\/a> to restore from.\u00a0 In either case, you will need to reimage the infected hosts to get rid of any backdoors the hackers could have created.<\/p>\n Employee Training<\/strong><\/p>\n Employees should be trained on how to identify threats and properly report any suspicious emails to the IT department.\u00a0 By reporting, the IT department can then feed it to the hosted email security platform<\/a> so that it learns and improves so that the threat stops before showing up on another employees inbox, who may not be able to identify it as an intrusion attempt.<\/p>\n\n
Other Important Considerations:<\/h2>\n