5 ways to prevent ransomware attacks in 2022: Getting backup and security right

 

Ransomware is a growing concern across all industries. These types of cyberattacks are getting more sophisticated and difficult to identify and prevent. A ransomware attack is an external attack on your business, typically executed through email that encrypts the files on your organization’s network. The cyber-attacker then holds those files for ransom, making the files unavailable to you unless you pay a ransom in exchange for a decryption key. Or, if you’ve prepared for such an attack, the ability to restore the files from a backup. 

As a cybersecurity company in Orange County, BRITECITY has helped to protect many clients against ransomware and other types of cyberattacks. To prevent ransomware attacks from affecting your business in the coming year, we recommend the five following strategies. 

  

1. Next-Generation Antivirus 

Over the last 25 years, most companies have installed some form of antivirus software on their computers and systems. However, viruses are now being written and executed in very different ways.  

Historically, antivirus companies have protected computer systems by targeting specific viruses and definitions. Today, many viruses look and act differently, so they don’t trigger traditional antivirus protection. Legacy antivirus software can’t protect against these types of malicious attacks because they don’t recognize them. 

The solution is to install next-generation, AI-based antivirus software. It’s capable of identifying, attacking, and protecting against malicious changes in computer behavior. The AI-based software will remediate the problem and notify the IT department of what happened and what it did to protect your systems.  

BRITECITY recommends AI-based antivirus software for every Orange County based cybersecurity client. 

  

2. DNS-Based Filtering 

There are malicious links on web pages that, when clicked on, will redirect the user to a known malicious online entity. It’s very easy for an employee to click on what looks like a safe link, such as a sales opportunity or a chance to win a vacation. However, a rogue application installed on your computer will silently communicate (behind the scenes) your company’s sensitive and private data to the wrong people. 

DNS-based filtering scans all outgoing Internet traffic, particularly when you’re using public Wi-Fi at a coffee shop, hotel or conference. It keeps a record of known malicious app websites and addresses them. DNS-based filtering significantly reduces the risk of rogue applications sharing your information without your knowledge or permission. 

  

3. Email Phish Campaign Testing 

When you work online, you’ll receive a lot of emails from bad players. These emails attempt to phish for information by asking the individual to log into fake websites masked as legitimate ones. These sites will then take sensitive information and use it for various criminal purposes. 

BRITECITY uses email phish campaign testing to send controlled mock phishing attacks to a company’s employees. The goal is to test employees weekly on how to identify false emails in their inbox. If they click on a fake link because they thought it was safe or legitimate, they are navigated to a training area, where it’s communicated that they’ve fallen for a controlled phishing attack from us. The splash page explains how they could have identified the email as a fake.  

BRITECITY provides clients with a monthly report on who fell for a phishing attack, how often it happened, and anything else of interest. It’s an effective way of doing company-wide training and educating staff on email-based dangers. 

  

4. Immutable Storage 

Backup disaster and recovery systems have changed a lot over the years. They’ve evolved from tapes to hard drives to cloud-based storage. Ransomware attacks have also become more sophisticated as they are not only ransoming production files, but also deleting or encrypting backup files. Some ransom attacks render the backups unavailable, as they’ve either been ransomed or deleted. 

Immutable storage is an undeletable type of backup that allows an organization to recover from a disaster, ensuring that data from previous days is still protected. Data on immutable storage cannot be deleted or ransomed. If a ransomware attack comes in on a Saturday and hits the backup device, it cannot infect the immutable storage data from Thursday or Friday, so that data is protected. 

  

5. Multi-Factor Authentication 

Many organizations rely on a username and complicated password to mitigate the risk to their online resources, online banking, company files, and email. However, this type of protection is no longer enough to prevent ransomware attacks. Cyber-attackers can overcome this type of protection in numerous ways, especially when many people use the same username and password combination for different accounts. 

Microsoft 365 and other services provide the ability to implement multi-factor authentication, which is a secondary form of authentication in addition to a password. Even if you gave someone your password, multi-factor authentication ensures they cannot get into your email, backup files, or computer systems.  

Multi-factor authentication is a simple, effective way to mitigate risk to external-facing usernames, passwords, and credentials for online services. It’s also one of the easiest ways to upgrade your cybersecurity. 


BRITECITY is an Orange County IT Services firm supporting local businesses in the area of Managed IT Services, Cyber Security, Cloud Services and Strategic IT.