The latest victims, such as Media Markt and Saturn, the medical service provider Medatixx and the US broker Robinhood, show the range of goals of ransomware attackers: Ultimately, every industry and every company is at risk. But: ransomware attacks can be prevented or their effects can be reduced.
But even if ransomware acts like an inevitable evil, there are a number of measures that companies can take to prevent an attack and data loss in your business. Michael Scheffler, Country Manager DACH of the data security specialist Varonis Systems, recommends that companies pay particular attention to and implement the following points:
Make the right preparations
Sensitize your employees
Use security training in your company to give your employees a better understanding of cybersecurity and what it means. Carrying out these training courses makes a significant contribution to establishing a security culture and making the company more resistant to cyber attacks.
Reduce your explosion radius
This equates to the damage that could be caused by compromising any single user or device. The fewer permissions each individual account has, the smaller the explosion radius. It is therefore of the utmost importance to restrict access, especially to critical data, to those who really need it for their work.
Use email and endpoint protections
Scan all emails and filter out malicious attachments and links. Always keep firewalls and security software up-to-date with the latest malware signatures. It is also helpful to specially mark emails that come from outside your own network.
Implement a zero trust security model
Assume that your protection system will be defeated and make sure that everything within your perimeter is safe and secure. With the zero trust approach, the credentials of every user and every device are checked each time a resource is accessed inside or outside the network.
Recognize abnormal behavior
The intelligent analysis of user and entity behavior (UEBA) enables unusual behavior of users and devices to be identified and automatically stopped before major damage occurs.
Strengthen your password system
Password security is critical to protecting your assets such as sensitive company data. Use two-factor authentication in your company to prevent the sharing of passwords and the repeated use of the same password. A single sign-on system can also contribute to additional security.
Create immutable offsite backups
Make sure you have backup copies of all important or sensitive data and systems. Train your recovery measures in case of a ransomware attack. Limit access to backups as ransomware attackers often target backup files to limit your recovery options. It should be noted, however, that backups do not provide any protection in the case of double extortion ransomware, which initially exfiltrates important data before encryption. Accordingly, solutions should be in use that can detect and stop data theft.
More at Varonis.com
About Varonis Since its founding in 2005, Varonis has taken a different approach than most IT security providers by placing company data stored both locally and in the cloud at the center of its security strategy: sensitive files and e-mails, confidential customer, patient and Employee data, financial data, strategy and product plans and other intellectual property. The Varonis data security platform (DSP) detects insider threats and cyber attacks through the analysis of data, account activities, telemetry and user behavior, prevents or limits data security breaches by locking sensitive, regulated and outdated data and maintains a secure state of the systems through efficient automation .,