
What is the best way to secure Corporate Network from Ransomware?

Nowadays it's hard to secure a network, especially in a larger network. We don't know when or what virus attacks our network.

Question added by a deleted user
Date posted: 2017/02/09
shamsu mambally
by shamsu mambally, PR & HR officer, Dogus Insaat

no hui

 ohiho udiuad

ddi

dkdiu

sakdgiud

dd

Khushwant Singh Hanspal
by Khushwant Singh Hanspal, AGM Information Technology, Devyani International Limited

Use of antivirus with latest patch updated

sara chhab
by sara chhab

The best defense against ransomware is to outwit attackers by not being vulnerable to their threats in the first place. This means backing up important data daily, so that even if your computers and servers get locked, you won't be forced to pay to see your data again.

Ahmed Elkhidir
by Ahmed Elkhidir, Cyber Security consultant, ARO Drilling

1- Configure automatic Microsoft updates for Windows machines. For corporate networks it's highly recommended to deploy a WSUS server to handle all MS patch updates automatically.

2- Configure very restricted firewall policies to allow access from or to the Internet.

3- Install an L7 firewall in front of all machines exposed to the Internet.

shahul hameed nazeem
by shahul hameed nazeem, System Administrator, jamiyah singapore

The best way is to use only licensed products for operating systems and antivirus, and to educate all employees not to misuse admin access to install any cracked software and not to fall victim to fake links.

Hayder Mohd Ahmed Hamad Hamad
by Hayder Mohd Ahmed Hamad Hamad, I.T Director, Almajd Satellite Network company K.S.A, Riyadh

• Enable strong spam filters to prevent phishing emails
• Scan all incoming and outgoing emails to detect threats and filter executable files
• Configure firewalls to block access to known malicious IP addresses
• Patch operating systems, software, and firmware on devices
• Set anti-virus and anti-malware programs
• Manage the use of privileged accounts
• Implement an awareness and training program. Because end users
• Configure access controls
• Disable macro scripts from Office
• Implement Software Restriction Policies
• Disable Remote Desktop Protocol
• Use application whitelisting
• Execute operating system environments
• Categorize data based on organizational

Emad Al-Sai'ari
by Emad Al-Sai'ari, GRC specialist, Sejel Technology

There are many ways to protect your network. So, I will highlight some of these ways:

  1. BACKUP your data
  2. DO NOT OPEN suspicious Emails and Links
  3. Update your system by PATCH and Block unused ports
  4. IF YOU GOT INFECTED, disconnect your network/device immediately

These are some of the solutions BUT not all

Alexander Sinno
by Alexander Sinno, Senior Intrusion Analyst, DELL SECUREWORKS

Hello Rose,

This is an excellent question. I work for Dell SecureWorks, one of the largest cyber security firms in the world. I deal with high-level and low-level intrusions across the world with over 4600 clients.

 

On a daily basis malware authors find different delivery methods, ranging from exploit kits, spam campaigns and ad campaigns. A vast majority of intrusion kill chains start with spear phishing against your network. So you can start by having a proper email appliance such as FireEye MPS to detect and intercept inbound payloads before they reach your employees. Additionally, you need to have proper security at every layer of your network. For example you must have a traffic controller (firewall) like Cisco ASA which you can upgrade to have an IPS Blade.

 

An IPS (Intrusion Prevention System) can inspect and automatically reassemble streams to detect and block inbound exploits and attacks. This operates as a network layer security.

 

Lastly, you should have an NGAV (Next Generation Anti Virus). I highly recommend Carbon Black. Carbon Black works by utilizing PBIs (Pattern Based Indicators) to detect specific tactics of malware and alert on them. You can see my video on LinkedIn which displays how an analyst can go through and create an intrusion story to cover the entire kill chain:

(The link has been removed because it violates the site's policy. Please contact the support department for more information.)

 

Additionally, Ransomware is a very lightweight and powerful malware variant. It leverages Windows APIs and libraries to encrypt data by specific file extensions and also uses a "Hybrid Crypto-System" which essentially uses both asymmetric and symmetric encryption types. This makes it so the author can quickly encrypt the data and secure it making it extremely difficult (however not impossible) to crack.

 

The most important line of defense is backing up your data! You must back up your data two times a day as a preventative measure against these kinds of intrusions. Preventing all of your users from clicking bad links or getting exploited is an impossible endeavor. However, having your data backed up regularly can prevent a total catastrophe. 

 

I hope you found this answer helpful.
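
The backup advice in the answer above only helps if the backups are recent and still restorable, so here is an added example (not part of the original answer) of a backup audit that checks the twice-a-day interval, compares files against a SHA-256 manifest written at backup time, and flags text files whose entropy suggests encrypted content was captured. The 7.5 bits/byte threshold, the extension list, and all file names and contents are assumptions constructed for the example.

```python
import hashlib, math, os
from collections import Counter
from datetime import datetime, timedelta

MAX_AGE = timedelta(hours=12)         # "two times a day", from the answer above
ENTROPY_LIMIT = 7.5                   # assumption: bits/byte above this looks encrypted
TEXT_EXTS = {".txt", ".csv", ".log"}  # assumption: types expected to be low entropy

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: near 8.0 for encrypted or compressed data, lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def audit_backup(files, manifest, taken_at, now):
    """Compare a backup set against the hash manifest written when it was taken."""
    findings = []
    if now - taken_at > MAX_AGE:
        findings.append(("STALE", f"newest backup is {now - taken_at} old"))
    for name, expected in sorted(manifest.items()):
        data = files.get(name)
        if data is None:
            findings.append(("MISSING", name))
            continue
        if sha256_hex(data) != expected:
            findings.append(("MODIFIED", name))
        ext = os.path.splitext(name)[1].lower()
        if ext in TEXT_EXTS and shannon_entropy(data) > ENTROPY_LIMIT:
            findings.append(("HIGH_ENTROPY", name))
    return findings

def demo():
    # Constructed sample data, not taken from any real system.
    report = b"quarter,revenue\n" + b"Q1,100\n" * 200
    ledger = b"date,amount\n" * 300
    manifest = {"report.csv": sha256_hex(report), "ledger.csv": sha256_hex(ledger),
                "notes.txt": sha256_hex(b"call vendor\n")}
    # Backup set as found later: ledger overwritten with uniformly distributed
    # bytes (stand-in for encrypted content) and notes.txt gone.
    found = {"report.csv": report, "ledger.csv": bytes(range(256)) * 16}
    return audit_backup(found, manifest,
                        taken_at=datetime(2017, 2, 9, 6, 0), now=datetime(2017, 2, 9, 20, 0))

if __name__ == "__main__":
    for kind, detail in demo():
        print(kind, detail)
```

Any finding from such an audit is a reason to keep older backup generations rather than overwrite them with the newest run.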
