Nowadays it's hard to secure a network, especially in a larger network. We don't know when or what virus attacks our network.
Use antivirus with the latest patches applied.
The best defense against ransomware is to outwit attackers by not being vulnerable to their threats in the first place. This means backing up important data daily, so that even if your computers and servers get locked, you won't be forced to pay to see your data again.
1- Configure automatic Microsoft updates for Windows machines. For corporate environments, it's highly recommended to deploy a WSUS server to handle all MS patch updates automatically.
2- Configure very restricted firewall policies to allow access from or to the Internet.
3- Install an L7 firewall in front of all machines exposed to the Internet.
• Enable strong spam filters to prevent phishing emails
• Scan all incoming and outgoing emails to detect threats and filter executable files
• Configure firewalls to block access to known malicious IP addresses.
• Patch operating systems, software, and firmware on devices
• Set anti-virus and anti-malware programs
• Manage the use of privileged accounts
• Implement an awareness and training program. Because end users
• Configure access controls
• Disable macro scripts from Office
• Implement Software Restriction Policies
• Disable Remote Desktop Protocol
• Use application whitelisting
• Execute operating system environments
• Categorize data based on organizational
There are many ways to protect your network. So, I will highlight some of these ways:
These are some of the solutions BUT not all
Hello Rose,
This is an excellent question. I work for Dell SecureWorks, one of the largest Cyber Security firms in the world. I deal with high-level and low-level intrusions across the world with over 4600 clients.
On a daily basis, malware authors find different delivery methods, ranging from exploit kits to spam campaigns and ad campaigns. A vast majority of intrusion kill chains start with spear phishing against your network. So you can start by having a proper email appliance such as FireEye MPS to detect and intercept inbound payloads before they reach your employees. Additionally, you need to have proper security at every layer of your network. For example, you must have a traffic controller (firewall) like Cisco ASA, which you can upgrade to have an IPS Blade.
An IPS (Intrusion Prevention System) can inspect and automatically reassemble streams to detect and block inbound exploits and attacks. This operates as a network layer security.
Lastly, you should have an NGAV (Next Generation Anti Virus). I highly recommend Carbon Black. Carbon Black works by utilizing PBIs (Pattern Based Indicators) to detect specific tactics of malware and alert on them. You can see my video on LinkedIn, which displays how an analyst can go through and create an intrusion story to cover the entire kill chain.
Additionally, ransomware is a very lightweight and powerful malware variant. It leverages Windows APIs and libraries to encrypt data by specific file extensions and also uses a "Hybrid Crypto-System", which essentially uses both asymmetric and symmetric encryption types. This makes it so the author can quickly encrypt the data and secure it, making it extremely difficult (however not impossible) to crack.
The most important line of defense is backing up your data! You must back up your data two times a day as a preventative measure against these kinds of intrusions. Preventing all of your users from clicking bad links or getting exploited is an impossible endeavor. However, having your data backed up regularly can prevent a total catastrophe.
I hope you found this answer helpful.