2 minute read
How to Prevent and Respond to a Ransomware Attack
In recent months we’ve seen many high-profile attacks that have targeted government agencies, critical infrastructure and food processing plants. North America has seen a significant increase in ransomware attacks between 2019 and 2020 and this will continue to trend upwards as more organizations and services become interconnected. No organization large or small is immune to an attack and the threat of attack is very real. What makes ransomware attacks so appealing to cybercriminals is the simplicity to execute, lucrative paydays and little chance of being caught.
WHAT YOU CAN DO TO REDUCE A RANSOMWARE ATTACKER’S CHANCES OF INFILTRATING YOUR NETWORK
Advertisement
The computers and information on which we rely are under constant threat from disruptive and potentially destructive ransomware. Ransomware attacks can have significant financial, reputational and operational impact to your organization. While no organization can be fully protected from such an attack, the good news is your organization can implement various measures to reduce the chances of an attacker getting access to your network and data.
MEASURES TO PUT IN PLACE TO HELP THWART RANSOMWARE:
• Implement anti virus or advanced endpoint detection and response (EDR) solutions • Train & test employees on cybersecurity • Implement email protections & URL filtering • Patch & update your systems • Securely harden and regularly scan exposed systems & applications for vulnerabilities • Establish strong access & authentication controls • Restrict the use of personal applications • Restrict & monitor privileged accounts • Disable unnecessary services and system accounts • Use security products or services that block access to known ransomware sites
Even if an organization implements all of the necessary controls and processes, there is still no guarantee your organization is 100% secure. It is critical that organizations establish strong resilience and redundancy through preparation and planning to minimize the impact of an attack and ensure quick recovery.
YOUR ORGANIZATION HAS FALLEN PREY TO A RANSOMWARE ATTACK, NOW WHAT?
• Backup, Secure and segment your critical data • Test your ability to recover from your backups • Develop and test an Incident Response Plan • Consider engaging third party cyber forensic, communications and legal expertise
Ransomware attacks will continue to rise and cybercriminals are getting more sophisticated. It’s not a matter of if, but when an attack will occur. Organizations must work towards decreasing the attack surface, so they can’t be easily exploited and come across as an easy target to attackers. Organizations need to be resilient in their ability to prevent, detect and be ready to respond should an attack occur by employing a multilayered defence strategy.
VIVEK GUPTA, MBA, CISA, CDPSE, CEH is a Partner in BDO’s Toronto office, with over 16 years of professional experience in providing cybersecurity, digital forensics, IT risk and compliance related services to various clients in direct support of their business objectives. His experience spans multiple industry sectors including Financial Services, Energy, Public, NPO, Healthcare, Technology and Retail.
