With work from home becoming popular amid the pandemic, cyberattacks by ransomware operators have been on the rise, and they may go after any organization, whether an enterprise or a small business, as long as they can gain access with ease.

No one today is a stranger to the word ransomware! But there are certain tips and tricks to safeguard yourself from such attacks at an organizational level. Good computer security practice can help defend organizations against ransomware attacks.

If you are a supply chain company, then with the new remote-working normal, working with numerous third-party vendors is becoming inevitable, which can create blind spots. A realistic and sustainable security strategy is needed.

Amid Covid-19, BFSI (banking, financial services and insurance) is observed to be one of the most critical sectors and one of the most targeted by hackers. Ransomware attacks, data breaches, malicious botnets, DDoS, etc. have created havoc in the sector. Apart from data breaches, a cyberattack can lead to system downtime, which is unacceptable.

With transformative digital technologies, privileged accounts and credentials are one of the biggest areas of attack; hence multiple layers of security are required, along with eliminating unnecessary privileges and permissions. How many of us keep updating our passwords in our daily lives, be it for a bank or ordinary mail, until provoked? In fact, we keep almost similar passwords for all our accounts!

There are some easy ways to keep your organization safe.

  • Establish security awareness within the organization. You can do this through monthly security campaigns that remind employees to avoid clicking on unknown senders’ links and attachments, among other best practices.
  • Establish Group Policy Object (GPO) rules. These allow your organization to control the execution of files on endpoints. You can add rules that block file execution from specific directories, disable attachment-based file executions, restrict access to the Control Panel, etc.
  • Ensure you have antivirus and a firewall installed on all endpoints within the organization. Antivirus software is based on signatures, so there’s still the risk of new ransomware variants slipping through the cracks. The firewall serves as an extra layer of security or first line of defense. A multi-faceted security system is best: one that employs heuristics, behavior-based detection or EDR (endpoint detection and response), EPP (endpoint protection platform), etc.
  • Back up your data. Ideally, a backup that’s entirely separate from the computer system is best. That way, if a ransomware attack happens, the backup isn’t affected. But carefully consider all available options since each will come with a degree of risk.
  • Restrict admin rights on endpoints. You can reduce user privileges to decrease the attack surface significantly.
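Before enforcing GPO rules that block execution from specific directories, it helps to replay them against recorded process launches to see what they would stop, including legitimate software that needs an exception. The following is an added example, not part of the original article: the directory patterns, extension list, `time|host|user|image` log format and the sample records are all assumptions constructed for illustration.

```python
import re

# Assumed deny rules (not from the article): user-writable locations that GPO
# path rules commonly cover. Patterns are matched against the lowercased path.
DENY_RULES = {
    "outlook-attachment": r"\\content\.outlook\\",
    "user-temp": r"^[a-z]:\\users\\[^\\]+\\appdata\\local\\temp\\",
    "appdata-roaming": r"^[a-z]:\\users\\[^\\]+\\appdata\\roaming\\",
    "downloads": r"^[a-z]:\\users\\[^\\]+\\downloads\\",
}
BLOCKED_EXT = (".exe", ".scr", ".js", ".vbs", ".hta", ".bat", ".cmd", ".ps1")

# Constructed sample of process-creation records: time|host|user|image path.
SAMPLE_LOG = r"""
2021-03-02T09:14:07Z|WS-014|alice|C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
2021-03-02T09:14:31Z|WS-014|alice|C:\Users\alice\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\8K2JQ1ZD\invoice.js
2021-03-02T10:02:12Z|WS-022|bob|C:\Users\bob\AppData\Local\Temp\7zO4A1\setup.exe
2021-03-02T10:40:55Z|WS-022|bob|C:\Users\bob\AppData\Roaming\Zoom\bin\Zoom.exe
2021-03-02T11:05:00Z|WS-031|carol|C:\Windows\System32\notepad.exe
""".strip()

def match_rule(image_path):
    """Return the name of the first deny rule the path would hit, else None."""
    p = image_path.lower()
    if not p.endswith(BLOCKED_EXT):
        return None
    for name, pattern in DENY_RULES.items():
        if re.search(pattern, p):
            return name
    return None

def audit(log_text):
    """Return the launches in the log that the deny rules would have blocked."""
    hits = []
    for line in log_text.splitlines():
        parts = line.strip().split("|")
        if len(parts) != 4:  # skip blank or malformed lines
            continue
        rule = match_rule(parts[3])
        if rule:
            hits.append({"host": parts[1], "user": parts[2], "rule": rule, "image": parts[3]})
    return hits

if __name__ == "__main__":
    for h in audit(SAMPLE_LOG):
        print(f'{h["host"]} {h["user"]:<6} {h["rule"]:<19} {h["image"]}')
```

In the sample, the script launched from the mail attachment cache and the installer run from Temp are the launches the rules are meant to stop, while the conferencing client under AppData\Roaming is the kind of hit that needs an explicit allow exception before the policy moves from audit to enforcement.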

Keep commonly exploited third-party applications updated, such as Flash, Java, Internet Explorer, and others.

Be sure to acquire the right security solutions. As ransomware continues to evolve, the best cure is a strong defense, maintained and regularly tweaked for improvements.