As alluded to by Katherine Brown, using blockchain-based web hosting makes it much harder, if not impossible, to hack a system. But there are other steps you can take to enhance security and protect your data from ransomware attacks.
According to Lundin Matthews, Founder of AdminRemix, “The most important security measure you can take to make sure you don’t get the ‘ransom hack’ on your computer is to turn on automatic updates on your computer. Security patches are released quite frequently, but won’t be of any help unless you have them installed.”
“Never postpone an update,” Matthews added. “Especially if it’s a push release, as that means it’s a patch for a very severe issue.”
“The best defense against ‘ransom hack’ is to outwit attackers by not being vulnerable to their threats in the first place,” explained Olivia Tan, Co-Founder of CocoFax, a start-up company dedicated to smarter business communications. “This means backing up important data daily, so that even if your computers and servers get locked, you won’t be forced to pay to see your data again.”
Josh Smith, a Security Analyst with Nuspire, shared the following steps organizations can take to help prevent a ransomware attack:
- Patch systems and monitor for vulnerabilities, especially for any technology that is internet-facing.
- Be careful with email attachments. Threat actors can gain initial access through malicious attachments sent in phishing emails.
- Utilize advanced endpoint protection with heuristics and behavioral analysis. This goes beyond signature-based anti-virus and can detect when endpoints and software are performing suspicious or malicious activity outside of standard signatures.
- Segregate high-risk devices within the network to minimize the ability for a threat actor to move laterally or spread ransomware across a network.
Jesse Thé, IT expert and President and CEO of Tauria, offered some advice on preventing ransomware attacks:
- Practice good message hygiene: Email is the primary threat vector. Proofpoint, Barracuda, etc., with threat intelligence feeds are great for stopping spam and known sources of ransomware campaigns once they have been identified. This also means you can then participate in making everyone else safe, since there are reporting mechanisms if you get hit by a new campaign. Through this, you can have problems stopped before they hit you, although it’s not [bullet-proof] (nothing is).
- Secure host baselines: Set them up with Group Policy. DISA STIGs are available and the GPOs are on GitHub so the time to implement is dramatically shorter. Use the CIS baselines if not the DISA STIGs. Learn why each setting is configured the way it is and make sure you allow them to fit your business. Many common malware issues just go away if you do this and have good AV. Disabling Office macros for 95% of users goes a long way, but you will need to learn how to do exceptions.
- User training: When we had a department shut down twice because of their actions, we didn’t get anyone fired and we did not embarrass them. We showed them how devious people can be and how they can check to make sure it’s not a bad guy trying to do the same thing again. I work for a healthcare company. The last ransomware incident we had since I made sure the above [was] all implemented was in 2015. We had 3 that year until people gave me the go-ahead to put my money where my mouth is.
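
One way to check whether the Office macro restriction from the host-baseline advice above is actually in force for a user, and to spot exceptions, is to read the policy values that Group Policy writes to the registry. This is an added example, not code from the article or from anyone it quotes. It assumes Office 2016 or later (registry version key `16.0`), covers only Word, Excel and PowerPoint, and treats `VBAWarnings` values 3 and 4 as "macros disabled"; adjust those assumptions to your own baseline.

```powershell
# Added example: audit the Office macro policy applied to the current user.
# The Office ADMX templates store these settings under HKCU\Software\Policies,
# so run this in the user's own session (not as SYSTEM).
$apps = 'Word', 'Excel', 'PowerPoint'                       # assumption: apps in scope
$base = 'HKCU:\Software\Policies\Microsoft\Office\16.0'     # assumption: Office 2016+

# Meaning of VBAWarnings under the "VBA Macro Notification Settings" policy.
$meaning = @{
    1 = 'Enable all macros'
    2 = 'Disable all with notification'
    3 = 'Disable all except digitally signed macros'
    4 = 'Disable all without notification'
}

$report = foreach ($app in $apps) {
    $key   = Join-Path $base "$app\Security"
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

    # A missing key or value means the policy is not configured for this app.
    $vba = $null
    $blockInternet = $false
    if ($null -ne $props) {
        if ($null -ne $props.VBAWarnings) { $vba = [int]$props.VBAWarnings }
        $blockInternet = ($props.blockcontentexecutionfrominternet -eq 1)
    }

    $finding = if ($null -eq $vba) {
        'Not configured: user controls the Trust Center setting'
    } elseif ($vba -eq 1) {
        'Exception: all macros enabled, confirm it is approved'
    } elseif ($vba -eq 2) {
        'Weak: user can enable macros from the notification bar'
    } elseif ($vba -in 3, 4) {
        'Macros disabled by policy'
    } else {
        "Unknown VBAWarnings value $vba"
    }

    [pscustomobject]@{
        App                 = $app
        MacroPolicy         = if ($null -eq $vba) { 'Not configured' } else { $meaning[$vba] }
        BlockInternetMacros = $blockInternet
        Finding             = $finding
    }
}

$report | Format-Table -AutoSize
```

Users who report "Exception" or "Not configured" are the ones to reconcile against your approved exception list.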