+
EDITOR’S QUESTION
/////////////////
HARISH CHIB,
VICE PRESIDENT
MEA, SOPHOS
U
nderstanding why ransomware attacks are so successful,
implementing advanced ransomware combating protection
in every stage of an attack and following good IT security
practices, including regular training for employees are essential
components of every single security set up.
Why ransomware attacks are so successful?
1. Sophisticated attack techniques and constant innovation
• Access to ready-made ‘Exploit as a Service’ (EaaS) programs is
increasingly easy, making it simple to initiate, successfully complete
and benefit from an attack, even for less tech-savvy criminals
• Skilful social engineering is used to prompt the user to run
the installation routine of the ransomware. For example, you
may receive an email that reads something like this: ‘My
organisation’s requirements are in the attached file, please
provide me with a quote’
• Producers of ransomware operate in a highly professional manner.
This includes providing a working decryption tool after the ransom
has been paid, although this is by no means guaranteed
2. Security holes at affected companies
• Inadequate backup strategy (no real-time backups, backups not
offline/off-site)
• Updates/patches for operating system and applications are not
implemented swiftly enough
• Lack of user security training and IT security knowledge
• Security systems are not implemented or are not
configured correctly
3. Lack of advanced prevention technology
Many organisations have some form of generic protection, but they
need solutions designed specifically to combat ransomware that is
constantly being updated to exploit.
www.intelligentcio.com
Implementing effective, advanced protection in place at
every stage of an attack
To stop ransomware you need to:
• Secure your endpoints with solutions that have anti-exploit
technology, which stops the delivery of ransomware, deep
learning that blocks ransomware before it can run and technology
that prevents the malicious encryption of files, rolling back
affected files
• Malicious traffic detection and malicious encryption prevention
technology protecting your servers
• The right network protection, including a modern
high-performance nextgen firewall IPS engine and
sandboxing solution
• Regular training of your employees on how to be safe from
phishing emails
Nine best security practices to apply now
Staying secure against ransomware isn’t just about having the
latest security solutions. Good IT security practices, including regular
training for employees, are essential components of every single
security setup. Make sure you’re following these nine best practices:
1. Patch early, patch often
2. Backup regularly and keep a recent backup copy off-line and
off-site
3. Enable file extensions
4. Open JavaScript (.JS) files in Notepad
5. Don’t enable macros in document attachments received
via email
6. Be cautious about unsolicited attachments
7. Don’t give yourself more login power than you need
8. Stay up-to-date with new security features in your
business applications
9. Patch early, patch often. Staying on top of patches is so
important that we’ve included it twice. n
INTELLIGENTCIO
31