Five measures to protect against ransomware attacks

Let us not forget that the vast majority of these successful ransomware attacks are only made possible as a result of human activity. Ransomware is not a cyber ‘attack’, it is an active and offensive head on assault on our defences. It is the dangling of a poisonous and indiscriminate bait that staff then take and bring into our organisations thus facilitating this destruction.

Almost all of the organisations affected will find, when they do their incident investigation thoroughly, that one of their staff has downloaded unauthorised software, or clicked on a phishing email or attached an infected USB device to their network. Without this human intervention, very little malware has any potency.”

Often businesses that have received a ransomware attack like Petya concede to the attackers demands because they don’t have good security, good education and good crisis management strategies in place. Often, they feel paying up is their only option.

If businesses were in a better place to begin with, they wouldn’t be held to ransom in the first place. Also, if businesses pay ransom to get files back, they’re essentially asking the attackers how much money they want and they’re telling them they’re prepared to pay so they will likely be targeted again.

Among the basic steps that companies and organisations can take to improve their resilience are the following:

1. There is a saying that goes “A fish rots from the head down” – get your senior board members up to speed on the threat landscape including cyber. They have invaluable strategic skills, which combined with the next steps will place an organisation on the front foot instead of the back one.

2. Ensure training is relevant and regular. The threat landscape changes fast, as the last few days have demonstrated. Make sure all staff, including senior management are thoroughly trained and enabled to question emails, files or activities they feel are counter to organisational security.

3. Make sure there is a policy in place that covers behaviours such as surfing inappropriate websites (where malware is often deposited for drive-by infection) and for ransomware, so staff know exactly what is expected of them.

4. Technology is a great supplemental support to human interaction when it comes to virus scanning and network monitoring, but don’t rely on it 100%. There is no magic button and security is achieved by cultural establishment.

5. If you have any device, component or system that is web enabled or networked, make sure it is part of IT change management; getting patches and updates on relevant systems and equipment and making risk-based decisions about keeping any systems with outdated operating systems.


Related reading