Ransomware attack trends continue to evolve, and the current iterations are no exception. During the last year, malicious actors have attacked healthcare organisations, medical trials, schools, and shipping agencies.
Considering the impact these modern attacks can have on organisations everywhere, no matter the industry, security professionals must always be ready to secure their systems, networks, and software in new ways.
And according to a recent FortiGuard Labs global threat landscape report, ransomware remains a prolific threat that increased in 2020 and is set to more disruptive. With that in mind, here are eight ways to create a strong ransomware mitigation strategy:
- Continuously providing employees with updates on new social engineering attack methodologies so they know what to look out for.
- Establishing a zero-trust access (ZTA) strategy that includes segmentation and micro-segmentation.
- Regularly backing up data, storing it offline and off-network to ensure rapid recovery.
- Encrypting all data inside the network to prevent exposure.
- Regularly practising response strategies to ensure all responsible parties know what to do in case of an attack, thereby reducing downtime.
- Implementing a strong security posture that includes behaviour-based endpoint security to automatically detect and defuse potential threats in real-time, even on already infected hosts.
- Patch, Patch, Patch. Out-of-Band, emergency, patches will happen. Organizations need to have a plan in place through change control processes to ensure they can respond to emergency patches.
- Getting serious about cybersecurity training and awareness for employees as well as family and students. The home is the new branch today and a vector into the core network.
“Modern ransomware attacks place data and lives at risk, meaning organisations must take a more proactive approach with real-time endpoint protection, detection and automated response solutions to secure their environments,” says Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs.
“From a technical standpoint, cyber hygiene, zero-trust policies, network segmentation, and encryption offer protections. Further, these strategies work best when organisations leverage asset visibility tools to identify their critical assets – once they know where the data resides, they can create a proactive protection strategy.”
Manky adds, “finally, the human element remains as important as technology. Building relationships with law enforcement to share information and threat intelligence is the final piece of the ransomware puzzle. The only way to defeat cybercriminals is to work together against them”.
Follow IT News Africa on Twitter