ON LINE OPINION - Australia's e-journal of social and political debate
Important stages of ransomware evolution

By David Balaban - posted Wednesday, 23 December 2020


Once attackers gain a foothold in an enterprise environment, they can execute a script that causes all network printers to disseminate ransom notes non-stop. Because this is a potential source for unwanted public attention, the victim is more likely to start cooperating.

Ransomware protection best practices

To stay safe amid the dynamic ransomware evolution, organizations should learn to be moving targets and have a plan B if things get out of hand. The following checklist will shine the light on the ways to avoid the worst-case scenario and keep your data intact.

  • Back it up. If ransomware cripples your data, you can easily restore it using a recent backup. The caveat is that this type of mitigation will not fully address the issue if you fall victim to double extortion involving data theft.
  • Keep your remote desktop services safe. Because RDP hacking is the pivot point of most ransomware assaults targeting the enterprise, it is in your best interest to secure these services. Set up multi-factor authentication (MFA) for remote access, restrict the number of failed connection attempts, and specify a list of allowed IP addresses.
  • Harden your email security. Tweak your email settings to block phishing attacks, spam, and messages with executable files onboard.
  • Stay away from Office macros. Refrain from opening Microsoft Word or Excel files attached to emails from unknown senders. These documents may contain Visual Basic for Applications (VBA) macros that execute harmful processes behind the scenes.
  • Prioritize your files. Determine what data is the most important and secure it with an additional protection layer. Encrypting such information is a good call because crooks cannot turn it against your company even if they manage to steal it.
  • Make the most of a firewall. A reliable firewall solution will block malicious Internet traffic that occurs when ransomware is communicating with its C2 infrastructure to obtain cryptographic keys and extract your data.
  • Learn to fend off DDoS raids. With the above-mentioned RDoS attacks gearing up for a rise, make sure you have appropriate defenses in place. Use a web application firewall (WAF) and a cloud-based DDoS mitigation service from a reputable provider such as Cloudflare or Akamai.
  • Do not underestimate the power of software updates. In addition to improving the user experience and delivering new functionality, updates contain critical patches that address recently discovered software vulnerabilities. This raises the bar for any attackers who are adept at exploiting security loopholes in obsolete applications to infiltrate networks.
  • Use an effective security suite. Although antivirus software is not a silver bullet, it can detect and block all known strains of ransomware in a snap.
  • Educate your staff. Invest in a security awareness program for your employees. Every member of your team should know the telltale signs of a phishing attack, use strong passwords or MFA to access their work accounts, and maintain proper RDP hygiene.
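The remote desktop item in the checklist above names three controls: MFA, a cap on failed connection attempts, and an IP allowlist. The following added example (not part of the original article) audits a set of RDP logon records against those three controls; the thresholds, network ranges, record layout and sample events are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed policy values; the article names the controls but gives no numbers.
ALLOWED_NETS = [ipaddress.ip_network(n) for n in ("203.0.113.0/28", "198.51.100.7/32")]
MAX_FAILURES = 5        # failed attempts tolerated per source address
WINDOW_SECONDS = 600    # within this sliding window

# Constructed sample records: (epoch seconds, source IP, account, outcome, MFA used)
SAMPLE_EVENTS = (
    [(t, "192.0.2.50", "administrator", "fail", False) for t in range(0, 360, 60)]
    + [(t, "203.0.113.9", "jsmith", "fail", False) for t in range(0, 2000, 400)]
    + [(100, "203.0.113.5", "akhan", "fail", False),
       (130, "203.0.113.5", "akhan", "success", True),
       (500, "198.51.100.7", "svc-backup", "success", False)]
)

def is_allowed(ip):
    """True if the source address falls inside an allowlisted network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ALLOWED_NETS)

def audit(events):
    """Check logon records against the allowlist, failure cap and MFA rule."""
    findings = {"off_allowlist": set(), "lockout": set(), "no_mfa": set()}
    recent_failures = defaultdict(list)
    for ts, ip, user, outcome, mfa in sorted(events):
        if not is_allowed(ip):
            findings["off_allowlist"].add(ip)
        if outcome == "success":
            if not mfa:
                # Password-only remote session: the MFA control was bypassed or unset.
                findings["no_mfa"].add((ip, user))
            continue
        # Keep only failures still inside the sliding window, then add this one.
        window = [t for t in recent_failures[ip] if ts - t < WINDOW_SECONDS]
        window.append(ts)
        recent_failures[ip] = window
        if len(window) >= MAX_FAILURES:
            findings["lockout"].add(ip)
    return findings

if __name__ == "__main__":
    for control, hits in audit(SAMPLE_EVENTS).items():
        print(control, sorted(hits))
```

The slow series from 203.0.113.9 never reaches the cap because its failures are 400 seconds apart, which shows why the window length matters as much as the failure count.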
About the Author

David Balaban is a computer security researcher with over 10 years of experience in malware analysis and antivirus software evaluation. David runs the Privacy-PC.com project.


This work is licensed under a Creative Commons License.
