What Is Ransomware?

In the event of an attack, you can power down the endpoint, reimage it, and reinstall your recent backup. You’ll have all your data and you’ll prevent the ransomware from spreading to other systems.

Make a habit of updating your software regularly. Patching commonly exploited third-party software will foil many attacks.

The weakest link in the security chain is usually human. Educate your users on whom and what to trust. Empower them not to fall for phishing or other schemes.

Take a layered approach, with security infused from the endpoint to email to the DNS layer. Use technologies such as a next-generation firewall (NGFW) or an intrusion prevention system (IPS).

Limit the resources that an attacker can access. By dynamically controlling access at all times, you help ensure that your entire network is not compromised in a single attack.

Being able to see everything happening across your network and data center can help you uncover attacks that bypass the perimeter. Deploy a demilitarized zone (DMZ) or add a layer of security to your local area network (LAN).

Most ransomware infections occur through an email attachment or a malicious download. Diligently block malicious websites, emails, and attachments through a layered security approach and a company-sanctioned file-sharing program.

Antivirus solutions on your endpoints don’t suffice anymore. Set up privileges so they perform tasks such as granting the appropriate network shares or user permissions on endpoints. Two-factor authentications will also help.

Know your enemy. Take advantage of threat intelligence from organizations such as Talos to understand security information and emerging cybersecurity threats.

Never, ever pay the ransom. There’s no guarantee you’ll get your data back, and you’re only fueling the cybercriminals for more attacks.