Five Prevention Tips and One Antidote for Ransomware

By Susan Richardson, Manager/Content Strategy, Code42

During National Cyber Security Awareness Month, understanding the ins and outs of ransomware seems particularly important—given the scandalous growth of this malware. In this webinar on ransomware hosted by SC Magazine, guest speaker John Kindervag, vice president and principal analyst at Forrester, talks about what ransomers are good at—and offers best practices for hardening defenses. Code42 System Engineer Arek Sokol is also featured as a guest speaker, defining continuous data protection as a no-fail solution that assures recovery without paying the ransom.

The art of extortion

Kindervag says ransomers are good at leveraging known vulnerabilities when organizations are slow to patch. They are also excellent phishermen, posing skillfully as trusted brands to lure their prey; collaborative entrepreneurs who learn and share information; and enthusiastic teachers, eager to impart how to pay in bitcoin for the unschooled.

Like Pearl Harbor, Kindervag says, the day the enterprise gets hit with across-the-board ransomware will live in infamy—unless the organization has planned for the event with effective backup.

Kindervag advises the following to prevent the delivery of ransomware:

1. Prioritized patch management to avoid poor security hygiene that puts computer systems at risk.
2. Email and web content security that includes effective anti-spam, gray mail categorization, and protection for employees against poisoned attachments.
3. Improved endpoint protection with key capabilities that include prevention, detection and remediation, USB device control to reduce the ransomware infection vector, and isolation of vulnerable software through app sandboxing and network segmentation.
4. Hardening network security with a zero trust architecture in which any entity (users, devices, applications, packets, etc.) requires verification regardless of its location on or with respect to the corporate network to prevent the lateral movement of malware.
5. A focus on clean, effective backups.

The ransomware antidote

Following Kindervag’s “hardening defenses” presentation, Sokol reports on the number of businesses hit by ransomware in 2015 (47 percent) and how many incidents come through the endpoint (78 percent). He also dispels the rumor that file sync and share are synonymous with rather than antithetical to endpoint backup.

During the webinar, Sokol demonstrates the extensibility of modern, continuous, cross-platform endpoint backup. He describes the efficacy of endpoint backup in recovering data following ransomware or a breach, its utility in speeding and simplifying data migration and its ability to visualize data movement—thereby identifying insider threats when employees leak or take confidential data. Don’t miss it.