Connect with us

Hi, what are you looking for?

Tech & Science

Your stepwise approach for preventing ransomware

It’s critical that you test your protection strategy before a disaster event like ransomware happens.

Image: © AFP/File Fred TANNEAU
Image: © AFP/File Fred TANNEAU

As retailers prime their websites for the surge in web traffic this weekend, there’s one important factor they must prioritize: Their ransomware response plan.

The FBI and U.S. Cybersecurity and Infrastructure Security Agency (CISA) have recently issued a ransomware advisory. This follows on from multiple ransomware attacks during previous Holiday periods.

CISA and the FBI recommend maintaining vigilance against the multiple techniques cybercriminals use to gain access to networks, including:

  • Phishing scams, such as unsolicited emails posing as charitable organizations.
  • Fraudulent sites spoofing reputable businesses—it is possible malicious actors will target sites often visited by users doing their holiday shopping online.
  • Unencrypted financial transactions.

While the agencies of the U.S. government have urged organizations to identify IT security staff who can be on call in the event of an attack, there are other issues that need to be considered.

They issues are drawn out by Simon Jelley, a ransomware expert at Veritas Technologies. Jelley has provided a step-by-step guide to help retailers quickly resume business as usual if attacked, without having to even consider paying the ransom or tap additional IT talent amid today’s labor shortage.

The essential points from Jelley are:

Centralize your data backup

This will help ensure all your data is protected and backed up, eliminating the protection gaps that may be present without centralization.

Strengthen the resiliency of your centralized data backup

Harden it against ransomware attacks by encrypting data at rest and in transit, using digital certificates and integrating a PKI, using strong authentication and user roles, leveraging containers for an easy patch management process, and implementing anomaly detection to detect potential ransomware.

Develop a plan for when a crisis strikes

Even after implementing the above, it’s still necessary to develop a plan for when an attack happens. Being proactive and creating a plan will help you react appropriately and expeditiously in the event of an attack, thereby limiting the effects and scope of the crisis.

Test and test again

It’s critical that you test your protection strategy before a disaster event like ransomware happens. This includes drilling your ransomware recovery plan outlined above.

Educate employees and business leaders

Taking the time to educate yourself, your leaders and company employees about the risks and signs of ransomware can help not only prevent an attempted ransomware attack, but detect a successful one early, potentially preventing it from even getting near your data backups.

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

From New York to Los Angeles, and from Miami to Chicago, thefts of the prized breed have been on the rise.

Business

People could afford to be people, not just paranoid bill-paying machines.

Life

School districts across Virginia were taking stock Sunday of the implications of Gov. Glenn Youngkin’s executive order that seeks to end mask mandates.

World

Ukrainian prosecutors requested $35 million in bail for former leader Petro Poroshenko, who had returned to Ukraine.