4 Myths About DNS Filtering
Trevagh StankardDNS filtering is essential in protecting against web-based threats such as phishing and malware. Here we explain the risks, features, and benefits of DNS filtering and it can protect employees...
Ransomware attacks are striking with increased regularity but you can protect against ransomware attacks. This is a modern problem in malware, combining sophisticated and basic tactics. Extortionists typically do not ask for exorbitant amounts; the average ransom ranges between $300 to $1,000. But consider that Hollywood Presbyterian Medical Center paid $17,000 for access to its own data. On top of that, there is the issue of lost revenue, and tarnished reputation, while a business recovers.
There is no single package or set of practices that will immunize a network against a ransomware attack. Additionally, malware authors are continually modifying their “product”. For example, an infection usually starts with phishing emails. A user clicks on a JavaScript link in the email or downloads an attached document containing macros that launch the ransomware. Originally, ransomware exclusively used Microsoft Office documents with malicious VBA scripts. Now any app or document that runs JavaScript code can launch the attack. However, there are many steps an organization can take to mitigate these expenses and even prevent a ransomware attack in the first place.
Smaller organizations may be able to use whitelisting to restrict access to a limited number of websites and applications. This is ideal, but impractical for most larger businesses.
An often-overlooked measure is to restrict user privileges. This should be done on a regular basis in any case, ransomware threat or not. The frequency required depends on the amount of turnover and transfer in the organization. Runaway user privileges can cause any malware to spread like wildfire throughout the network, making it difficult to eliminate. Granted, a complete audit of user privileges is a daunting task. A good place to start is user privileges for administrative tasks such as backup, servers, and network support. To minimize the use of administrative accounts, do not permit such accounts to receive email, and assign staff with administrative roles their own normal restricted accounts for everyday use.
A modern firewall is critical in defense of the network. Since threats continually evolve, use an update service that automatically blocks the latest known threats. Many uncategorized websites are used in targeted phishing campaigns to distribute malware. Configure your firewall/proxy to require user interaction, such as a “continue” button, for end users communicating with uncategorized websites.
If the organization has a good set of backups, it will have the choice of paying the ransom or not. Otherwise, there is no choice but to pay. And the only way to know that you have a good set of backups is to test them by performing a restore. During a monthly maintenance window, test the restore of a different backup. It is not uncommon for backups to be configured improperly or to be incomplete due to an unexpected increase in media size required. Check user privileges for backup at the same time.
On the Spiceworks community, IT professionals discussed how the threat of ransomware has changed their backup strategy. Most participants have instituted more backup procedures, more often, to more places than before. Fortunately, there are more backup options than ever. Deduplication is critical for organizations with considerable amounts of data. Snapshot technology (with adequate backups) can bring your organization up to date in, well, a snap. Here are some tips:
If only Sally had not clicked on that link in her email, there would be no ransomware to deal with. That is right. Most ransomware is delivered by email. Typical themes include invoice and shipping notice scams. It makes sense that the best way to protect an organization is to educate end users about phishing.
Say NO to ransomware. Prevent email ransomware threats from reaching your users with SpamTitan.
DNS filtering is essential in protecting against web-based threats such as phishing and malware. Here we explain the risks, features, and benefits of DNS filtering and it can protect employees...
The imminent Cisco Umbrella Roaming Client End-of-Life has left many users uncertain about their next steps and exploring alternative DNS protection.
Hardware firewalls are the cornerstone of network security for almost all TCP/IP networks. For SMB and enterprise network environments, the network firewall provides the basic defense against attacks.
Sign-up for email updates...