Intelligent CISO Issue 1 - Page 28

editor’s question

MOREY J HABER, CHIEF TECHNOLOGY OFFICER, BEYONDTRUST

While there is no shortage of seminars, articles and vendor solutions outlining best practices to mitigate the threats of ransomware and modern cyber extortion threats like malware-based crypto-mining, there is no single solution to protect against all threats. If there were, wouldn’t we all be implementing it and the manufacturer be the most profitable vendor? There are multiple steps and best practices that can mitigate this growing problem and we just need to stop, listen and do them better and not necessarily go out and buy another tool. To that end, consider these five recommendations that cover all the families of ransomware and modern cyber extortion tools. If you can do these five well, you can mitigate the vast majority of risk from these escalating attack vectors.

1. End User Education: The average user may not be able to tell the difference between a regular email and a phishing or spear phishing attack. They do, however, understand that if you click on the wrong thing, you may lose all your work and files or infect your computer. If you can translate the threat of ransomware into terms the average user can understand and remember, then the human element of social engineering can have some definable mitigation strategy.

2. Secure Backups: The worst-case scenario is that you do become infected with cyber-extortion-based malware. If you follow law enforcement’s recommendations, you should not pay the fine. So how do you recover? The answer is secure backups. While this recommendation is not preventative, it is the only one that can help you when all else fails. All data should be backed up, and most importantly, secured.

3. Disable Macros: Some newer extortion-based malware is taking cues from older computer viruses that leverage Microsoft Office macros. This one isn’t easy to resolve, because many of our spreadsheets and documents depend on macros to satisfy business requirements.
For example, a recent addition to the long list of rans