The WannaCry attack earlier this year is one of the more notable ransomware attacks in recent memory. The attack, which hit everything from home users to the United Kingdom’s National Health Service, locked key data inside an encryption and then demanded bitcoins in exchange for the key to the data. Within a few days, a number of workarounds had been discovered.
But while this particular ransomware attack gained a lot of press, it wasn’t the first of its kind. To prepare for the worst, a number of companies in the United Kingdom are stockpiling bitcoins in order to make sure they have a surplus to pay off attackers, according to a widely cited Citrix poll earlier this year. While this is an option, it’s not the only one available.
Below, members of Forbes Technology Council share their preferred ways to protect data and prevent becoming a ransomware victim:
1. Engage With Ethical Hackers To Find Your Security Vulnerabilities Before The Bad Actors Do
More and more businesses and government agencies are engaging with independent security researchers to help them find vulnerabilities in their systems that they otherwise wouldn’t. Most cyberattacks are executed via security holes unknown to the target organization, so having well-intentioned hackers find vulnerabilities in our computer systems is the closest we can get to real-world conditions. – Alex Bekker, HackerOne
2. Train Your Employees
Most hacking is really just social engineering. Minimizing the chance of this through employee training is probably the single-most important thing to do. It’s also important to layer filtering in order to prevent phishing emails from showing up in your inbox in the first place. – Timothy Chaves, ZipBooks Online Bookkeeping Services
3. Frequently Backup And Automate Quarantining
What’s saved us from ransomware multiple times is that we ensure all of our devices are backed up regularly by using a service account that pulls files off of each device. Files are zipped before reaching the backup location, and the backup only accepts zip files. When our device management agent sees an infection on a device, it becomes automatically quarantined, blocking all network connections. – Brian Fritton, Patch of Land
4. Practice A Least-Privilege Approach
Besides consistent robust backups and security awareness training, we practice the least-privilege principle. All users use a non-privileged account and, escalate permissions and privileges based on needs, thereby reducing unnecessary risk to ransomware attacks or other security breaches. By taking a proactive approach, your company places itself in a better position to prevent an attack. – Alexandro Pando, Xyrupt
5. Always Install System Updates
Following security best practices — such as not reusing passwords, using multi-factor authentication and immediately installing system updates as they are released — goes a long way. A lot of the casualties of WannaCry were the result of systems running on unpatched legacy software. Stringent data access and thorough backup policies will also render crypto-locker attacks much less effective. – Saul Diez-Guerra, Thinkful
6. Implement A Plan For Continuous Operations
Businesses should certainly do everything they can to block ransomware and other attacks from occurring. However, hackers are typically a step or two ahead of the cybersecurity industry; therefore, attacks will happen. The most important thing that a company can do is ensure continuous operations by having a robust and easily implemented data and infrastructure recovery plan. – Jonathan Babad, DIRECTED
7. Have A Response In Place To Handle Attacks As They Happen
While preventative measures have their place, the best defense against breaches is a robust incident response strategy, which should be able to not only detect the signs of ransomware but automatically analyze, isolate and contain the threat so that it cannot cause additional damage. Closing the loop creates a more impervious defense, regardless of when, where and how many points of entry exist. – Gabby Nizri, Ayehu Inc
8. Use Software-Defined Storage With Continuous Data Protection
Traditional backup systems leave too much data unprotected and do not offer sufficient protection. A highly effective way to protect against ransomware, which we use in our IT operations, is software-defined storage with continuous data protection. CDP enables IT to recover data prior to a ransomware attack. Proper ransomware protection includes CDP, remote backups and up-to-date security software. – George Teixeira, DataCore Software
9. Don’t Be An Easy Target
Most cybercriminals using ransomware attacks go after easy targets. They specifically victimize organizations with weak patch management, slip past unrestricted firewall policies, and exploit well-known and easily detected vulnerabilities. Avoid becoming a statistic by promoting strong security hygiene and following industry best practices for secure and well-architected infrastructures in the cloud. – Justin Lundy, Evident.io
10. Follow These Key Steps
Our company’s ransomware protection policy is based on the following principles: Install the latest Windows OS version, keep on OS vulnerabilities patching schedule and filter browser traffic with the help of a proxy server.