Over the weekend, I was reading an article about how ransomware is not out of control. On the contrary, the premise was security teams were lacking proper steps to thwart these attacks…
Ransomware Attacks Are Spiking
Ransomware attacks are indeed out of control; however, could it be our own fault? There are tools available that if used appropriately, could mitigate the risk of these attacks. There are also best practices, that if deployed, could reduce the risk of a successful attack infecting the network. As I continued to read the article, I found myself doing the slow head nod in agreement. To be fair, I do not agree with everything and also believe there have been things left out that are key to thwarting cyber attacks. However, the premise of “us” being part of the problem, is entirely accurate.
Cyber Attacks Are Real
Cyber attacks are a very real thing. I believe often times, specifically small businesses, are not prepared to fend off these forms of attacks. There is also the misconception that cyber criminals are not targeting small businesses. If that was the case the City of Tulsa would not have fallen victim last month. Additionally, 26k students and educators would not be impacted due to the ransomware attack on Judson ISD.
Ransomware – What Needs to be Done
First and foremost, understanding that you are at risk is important. If anyone who has access to your network, doesn’t understand the threat of cyber crime, it is important to educate them. In addition, education on how to spot cyber attacks is imperative. By understanding the red flags, employees will be less likely to download a bad file, click on unknown links, or unknowingly engage in criminal activities.
Additionally, organizations need to look at their cyber security stack. What does this mean? It means a full evaluation of the tools you have in place that are meant to protect your digital assets from cyber attacks. Map them out, and identify the gaps. If the organization is lacking a proactive solution, like application whitelisting, one should be layered on top of the existing security solutions as an added layer of protection.
As a final step in bettering your security to reduce the likelihood of ransomware, businesses should have a plan in place for updating their software. Whether it is an operating system, or third-party applications — keeping them updated is critical. For a few different reasons, many organizations do not do this timely. First, it requires testing to ensure the latest version will not create issues within the network. Secondly, the testing and the process of updating requires time which may impact productivity. Third, updates are not prioritized appropriately. The world’s first global ransomware attack was executed through a security hole found in an outdated operating system. Had businesses kept their networks updated, WannaCry would not have taken businesses to their knees.
What We Are Doing
#ApplicationWhitelistingMatters is our effort to drive awareness to a solution that will help effectively block cyber threats, like ransomware. Application whitelisting uses a default-deny methodology. By only allowing known good, programs to run, malware if blocked on a consistent basis. Many within the IT industry are aware of application whitelisting. However, there are millions of people that do not. By driving awareness to the solution, to goal is to increase adoption.
Ransomware is out of control, but we have the means to reign it in. We have the means to reduce infection rates. We have application whitelisting. Do you?
512 total views, 4 views today