4 recommendations to limit risks from ransomware
With this form of attack, hackers often use tricks to fake websites, extract data of agencies and organizations and demand ransom. Cybercriminals carry out cyber attacks according to a concise strategy that is applicable to many industries. An analysis of recent experts shows that, in 2020 alone, the amount of damage related to ransomware attacks has reached billions of dollars.
More dangerously, this behavior also targets the government's information technology systems, causing serious impact. To protect critical data from attacks, government IT systems need to ensure external layers of security, while also having the added responsibility of maintaining the infrastructure if an intrusion occurs. offense.
According to studies, despite the development and expansion of the scope, the attacker's methods still have similarities. Most hackers will illegally exploit the lowest-level vulnerabilities first, through some common and easy-to-implement method. Therefore, experts recommend to prevent ransomware from this initial step through some of the following methods.
1. Secure remote access
Remote access is a familiar method often used by attackers, especially through unpatched vulnerabilities of information systems. Accordingly, hackers are constantly scanning the internet, looking for ways to exploit these vulnerabilities to perform attacks. To combat vulnerability scanning, organizations should prioritize patching vulnerabilities first.
Along with that, to protect the system, experts recommend that organizations identify systems that remotely access their systems by looking up IP addresses. If an attack is suspected, users should block public access to remote desktop protocol services (iRemoteDesktop - RDP), a secure shell that encrypts transmission data (Secure Socket Shell - SSH) ) and file transfer protocol (File Transfer Protocol - FTP). Agencies and organizations need to ensure that systems for remote access such as firewalls, VPN gateways, and email gateways are regularly patched, scan for security holes, and implement multi-factor authentication ( Multi-factor Authentication (MFA) for accounts that are authorized for remote access.
2. Email security
Many ransomware incidents can start with an email sent to a user. This attack method is gradually becoming popular for hackers to perform blackmail.
Experts say it's safer to prevent unsolicited emails in the first place. The email security system acts as a 'fence' to protect strange messages from the internet and private mailboxes in the intranet. To avoid email threats, users need to ensure email messages are scanned through a filtering system, and check attachments and links for advanced threats. In addition, account holders should audit or block password-protected documents as hackers often use this method to bypass email data scanning.
3. Keep data backups safe
The third most common method for ransomware is to identify the target, encrypt the data, and then completely delete the backups. In addition to the data on the network and the data in direct use, the hacker will search all backups and encrypt them, disabling the data to increase the possibility of ransom from the victim. The victim then has a high probability of paying to buy back these encrypted data. Therefore, individuals, agencies and organizations should have backup plans to ensure the safety of all data.
4. Implement a 3-2-1 . Backup Strategy
Without the right protections, backups and archiving, concurrent copies on the same network are vulnerable to hackers. To avoid network-wide attacks, experts have come up with a safe backup measure for users' data systems. For all important files, users should store 3 copies, including 1 primary backup for daily use and 2 backup copies.
In it, the files will be saved on 2 different media environments to reduce the possibility of mass attacks. These copies must be in place so that data can be accessed and restored easily and quickly in the event of a failure. At the same time, users should save 1 copy outside the work network or home network, in case of force majeure situations due to natural disasters, unexpected disasters.
You should read it
- 7 kinds of ransomware you didn't expect
- List of the 3 most dangerous and scary Ransomware viruses
- Ransomware can encrypt cloud data
- General guidelines for decoding ransomware
- What is Ransomware Task Force (RTF)?
- [Infographic] 7 effective ways to protect businesses from Ransomware
- How to decode ransomware InsaneCrypt (Everbe 1.0)
- Why is Ransomware the perfect hack?
- Learn about Ransomware: 6 ransomware on computers
- Detecting two unusual versions of ransomware, shows that the world of ransomware has become diversified
- What is Fargo Ransomware? How to avoid?
- Warning: Quantum Ransomware is being rapidly deployed in lightning attacks
Maybe you are interested
How to get data from web into Excel
What information does a VPN hide? How does it protect your data?
How to transfer data between 2 Google Drive accounts
6 Data Collecting Apps You Need to Delete for Better Privacy
How to master numerical data in Google Sheets with the AVERAGE function
How to delete white space in a table in Word - Appears right below the data