What is Ransomware?
Ransomware is a malicious software program (Malware) that seeks to infect machines, blocking access to read files, boot zones, devices as such, and in general any type of critical feature to claim or ask for a reward to release said features already mentioned.
What is the cause of Ransomware Attacks?
- Navigation: Browsing malicious sites and downloading plugins.
- Phishing: Getting an email with links that look like trusted sites and making users compromise the security.
- External drives: Plugging external infected drives to your machines and getting infected.
- Downloading Malicious content: Downloading music, free software, .exe from untrusted sites.
- Social Engineering: By social engineering techniques that convince the user to be a trusted provider and execute the malicious action.
- P2P Connections P2P connections for music download or free software.
How to proactively prevent Ransomware Attack?
- Backups: It is recommended to have a strict backup policy so that if you are a victim you can recover from the attack.
- Awareness: Educate user to
- Always validate the legitimacy of the site they browse
- Do not download software from an untrusted P2P network
- Simulated phishing attacks to check end user preparedness
- Not open links or attachments of emails whose origin is unknown.
- On cell phones, enable the option only to download from reliable sites
- EDR: It is important to go ahead with Next-generation AntiVirus (NGAV) and Endpoint Detection and Response (EDR) with proactive protection.
- Centralized Teleworker Policy Deployment: Ensure teleworkers have the right level of policy controls on their website, application and data governance
- Threat Assessment: Continuous validation of vulnerabilities on End Points.
If you need more help, please reach out to the ETEK advisory team. We can assess the gaps, provide solutions to fix the issues, and perform proactive simulated attacks to test the resilience of your architecture. Please contact at email@example.com firstname.lastname@example.org
By. Iván Camilo Castellanos