Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

How to defied Ransomware?

user-image
Question added by Elie Asswad , Senior Systems and Projects Leader , Confidential
Date Posted: 2016/08/30
Hemza ATOUB
by Hemza ATOUB , Sr. CYBER SECUIRITY Consultant IT/OT Certified IBM QRadar| Arcsight SIEM | ISO 27k1 | ICS | 20 CSC , CONFIDENTIAL

In addition to your answers and the last one given by Elie, we must know that the user education is very important : Education users : send security notifications and posters, manuals, animations

Deploy a security Awareness portal ( e-learning portal) that offert to the user the posibility to learn and be trained, read security course about ransomware , phishing ATTACKS .....% of ransomware attacks come from emails attachements

https://www.malwarebytes.com/surveys/ransomware/?aliId=

After education try to run : security awareness campaigns  like phishing compaign , simulating phishing attacks  like ransomware and then see the users prudence and measuring  the security knowledge of the users

This is a very important  point , users must be educated , and every user is responsible for the security of the company

For  ransomware attacks remediations there are many  valid methods published on the  internet

Deleted user
by Deleted user

Ransomware is defined as a type of malware that creates a restriction of some type on the user’s computer. In order to remove the restriction, the user must pay a ransom.

BIJENDER MISHRA
by BIJENDER MISHRA , Sr.GM IT & Global CISO , Alkem Laboratories Ltd

Ransomware is defined as a type of malware that creates a restriction of some type on the user’s computer. In order to remove the restriction, the user must pay a ransom. This form of crimeware is unique in that it tries to coerce the user into directly paying the criminal––effectively turning the malware itself into a way for the attacker to profit. Over the past five years, ransomware has become more and more widespread because of the initial success of cybercriminals in convincing victims to pay to recover their files.

Piotr Teteruk
by Piotr Teteruk , IT Project Manager Roche , Roche

Ransomware is malicious software that cyber criminals use to hold your computer or computer files for ransom, demanding payment from you to get them back. There is a variety of ransomware can get onto a person’s machine, but as always, those techniques either boil down to social engineering tactics or using software vulnerabilities to silently install on a victim’s machine.

The most-proactive method of protecting :

Build a “human rewall”: The biggest threat is users who let the ransomware on their endpoints. People are the weakest link.  

Apply all current operating system and application patches: Many ransomware strategies take advantage of vulnerabilities in the operating system or in applications to infect an endpoint. Having the latest operating system and application versions and patches will reduce the attack surface to a minimum.

Spam ltering and web gateway ltering: Again, the ideal approach is to keep ransomware o the network and the endpoint. Spam ltering and web gateway ltering are great ways to stop ransomware that tries to reach the endpoint through malicious IPs, URLs, and email spam.

Allow only whitelisted items to execute: Use an “application control” method that o ers centrally administered whitelisting to block unauthorized executables on servers, corporate desktops, and xed-function devices, thus dramatically reducing the attack surface for most ransomware.

Limit privileges for unknown processes: This can be done easily by writing rules for host intrusion prevention systems or access protection rules.

Back up your data : The single biggest thing that will defeat ransomware is having a regularly updated backup. If you are attacked with ransomware you may lose that document you started earlier this morning, but if you can restore your system to an earlier snapshot or clean up your machine and restore your other lost documents from backup, you can rest easy.

Filter EXEs in email : If your gateway mail scanner has the ability to filter files by extension, you may wish to deny mails sent with “.EXE” files, or to deny mails sent with files that have two file extensions, the last one being executable (“*.*.EXE” files, in filter-speak).

Elie Asswad
by Elie Asswad , Senior Systems and Projects Leader , Confidential

 

Through the following:

 

-Educating users.

 

-Avoid clicking on any suspicious link.

 

-Avoid opening spam e-mail unless you trust the address.

 

-Keep your systems patch updated.

 

-Make sure you have a trusted antivirus.

 

-Secure your environment through Firewall and sandboxing for large organization.

 

-Keep updated backup of your data always.

-get licensed systems.

-On cell, check application access before downloading.

 

More Questions Like This