IT Trends & Technology Blog | FNTS

How a Consolidated Strategy Can Prevent Ransomware Attacks

Written by Don Pecha, CISO | September 9, 2021

Ransomware attacks, which are growing in both frequency and sophistication, continue to make national news headlines for crippling organizations across the globe. These massive attacks infiltrate and lock computer systems until a hefty ransom is paid. But ransomware doesn’t just hinder organizations financially.

High-profile ransomware attacks have impacted healthcare providers and their ability to see patients, limited the services banks can provide to customers and resulted in fuel shortages in the manufacturing sector.

No company or industry is immune to ransomware.

Ransomware can have an even bigger impact on an organization than a data breach. According to research from Gartner, more than 90% of ransomware attacks are preventable. Preventative measures organizations can implement to secure systems and data to significantly lessen chances of a successful attack, include:

Frequent Patching

Operating systems can be targeted by ransomware that takes advantage of unpatched software. A patch is a piece of software used to upgrade or fix a problem or bug within an operating system. At FNTS, we recommend keeping systems up to date and replacing assets that cannot be patched or updated. The systems targeted are your end-user desktops/laptops, your servers, your cloud environment, your backups and even your routers and similar networking equipment.  

Network Segmentation

If you evaluate your business, you will find you can segment many of your functions from others. For instance, segment your finance data from your sales team's data. Segment off vendors from your business network. There are many ways you can segment off ransomware and slow the spread.  

Email Security

The most common vector for ransomware to attack and spread is through phishing, which requires users to open an email and click on a link or malicious attachment to be effective. Phishing is growing in sophistication. To prevent attacks from penetrating email, implement an email security suite that provides server content scanning and URL filtering. User education, awareness on how phishing emails work (the tone, the push for fast action) and testing users with phishing training are also critical.

Endpoint Security

Next-gen endpoint security provides coverage and protection over all assets, including business-critical applications that can’t be patched immediately. Endpoint protection that is part of a security platform and natively integrated with next-gen firewalls and anti-ransomware modules is best positioned to prevent ransomware. It intelligently blocks attacks on multiple operating systems and networks while sharing the information across the platform.

Data Backup

The primary defense against ransomware infections and other attacks will always be data backup. This is why it's important to ensure your backup vendor has knowledge of built-in protections they can implement against backups that may be encrypted by ransomware actors. In the event of a ransomware attack, prepared businesses can take infected systems offline, revert to the last clean system copy for restoration and get back in business without paying a ransom. Immutable backup solutions are another level of protection from ransomware. Disaster recovery is also recommended for business continuity.

Limiting Administrative Access

Giving employees less access to resources that aren’t necessary in their daily workflow helps limit the spread of malware, which encrypts and spreads with user permissions inherited from whomever runs the malware. User access reviews and limiting privileges are key to preventing ransomware. If a user does not have administrative (super-user) access, then the ransomware has a harder time spreading beyond their local machine.

User Education

Educate employees or provide regular training on how to identify and avoid malicious content. FNTS helps organizations craft well-rounded programs that can enable employees to be your organization’s first line of defense, ensuring the best possible security posture.

Implementing every available preventive measure secures systems and significantly reduces the chances of a successful ransomware attack. It limits the financial impact if an attack occurs and reduces potential regulatory fines. For example, recent changes to the HIPAA Safe Harbor law provide regulatory relief and other incentives to healthcare entities for voluntarily adopting recognized cybersecurity best practices and protocols. This proactive approach is important in limiting exposure when determining potential penalties for HIPAA violations or other security incidents that may compromise data.

Companies also can leverage industry-standard preventative measures when filing a cyber liability insurance claim to ensure they’re financially protected. Cyber liability insurance has evolved over the years and has become more complex. FNTS regularly consults with cyber insurance providers to understand areas of importance to ensure clients are well-positioned with solutions that pass insurance qualifications, which can also help lower insurance premiums.

With so many preventative measures available, FNTS recommends a comprehensive, consolidated approach for the best assurance. Utilizing one vendor for a variety of solutions can help you achieve quicker time to value with less vendor management and more outcome-focused intelligence shared across core teams.

Security must outpace your technology adoption and integration. As technology changes, so must your security strategy. FNTS, a highly compliant, highly secure managed services provider, is available to consult with your organization on its information security and risk mitigation plans.