Ransomware: The Permanent Digital Pandemic

Over the past few years, we have constantly come across news involving thousands of victims of ransomware attacks, whether for ransom or data extortion.

Although some of these events become public, most of the time companies and users “hide” this information, frightened by the feeling of inability to provide an efficient defense to protect their data or simply not understanding how they can be a target of criminals. .

The fact is that ransomware attacks are a truly permanent digital pandemic that attacks all types of businesses and users in any country. It is possible to minimize the chances of being one of these victims, but we will hardly have a 100% effective solution that will guarantee total protection.

And this permanent risk is linked to a number of distinct reasons that lead to the root cause of a ransomware attack.

A malicious phishing email unnoticed by a user, the download of contaminated pirated software, the misconfiguration of one of your network’s protection components, the use of a machine that does not comply with the company’s security standards, user passwords and Uncontrolled shared administrators, lack of constant monitoring and analysis, low technical knowledge, cloud components unprotected or erroneously interconnected to the internet, outdated vulnerable systems, lack of patching fixes, and the difficulty of modernizing security solutions are just a few of the examples of different gateways for a hacker to enter the network.

Getting closer to optimal protection is the only viable way to minimize impacts and disruption. As recommendations, here are some safety tips, both at a personal and business level:

1. Don’t completely trust your password. It is necessary to change it constantly. Almost eight billion passwords have already been exposed due to credential theft in various applications and most likely yours may have been one of them (visit the link in Cyber News and know how many times it has been leaked). Have a powerful management of this authentication process within your company.

2. Train and educate people to help defend critical information.

3. Back up everything that’s important and keep them separate from your network (hackers love connected backup systems and always try to encrypt this contingency).

4. Keep computers and servers up to date. Old and offline systems are the preferred gateways to attacks as they have vulnerabilities that cannot be patched.

5. Always use caution when clicking on links. Don’t rely on gratuities. Discontinue access if you feel anything suspicious.

6. Be careful when opening email attachments. It is essential to always check the source of the sender and whether there has been any change in the habit of receiving a file, for example.

7. Use the best security protection for your network, computers and servers. Adopt cloud antivirus solutions that utilize advanced protection techniques (neural networks, artificial intelligence, threat analysis, DLP, etc.) as well as fully enabled firewalls and anti-spam solutions focused on security protection. The more distinct layers of protection, the more difficult it will be for the attacker.

8. Perform penetration and vulnerability testing. Identify the flaws and adopt corrections.

9. Invest in safety, knowledge and always keep up to date;

10. Always have a plan at hand for how your company can react in the event of an attack. Present this plan and the impacts it can have on decision makers and anticipate the risk everyone is exposed to.

Leave a Comment