How To Prevent Ransomware Attacks

how to prevent ransomware attacks

Now that you read Part 1, you understand what Ransomware is and why it has become the single most costly problem in the world of IT security and business data protection, let’s take a look at several simple, easy-to- deploy solutions that can prevent an unwanted and costly ransomware intrusion in your business. 

Restrict User Administrative Access 

This is a very simple step to take. Users should have their administrative access restricted – ideally removing the ability to install new programs without the IT team’s supervision. This will help your business avoid the most common cause of infection: users downloading infected attachments from emails. 

Granted, this will not be popular with your users. If your users already have administrative rights to their workstations then you will have to drag them along kicking and screaming. That said, a past report confirms what many security professionals have long presumed: Removing administrator rights from everyday user accounts (especially Windows) slows down or stops almost all critical malware infections. The report determined that removing admin rights would mitigate 96 percent of critical vulnerabilities affecting Windows operating systems, 91 percent of critical vulnerabilities affecting Microsoft Office and 100 percent of vulnerabilities in Internet Explorer. 

Use Electronic Vaulting Solutions Like DataForce 

When an infection occurs, it’s often impossible to decrypt the files that are infected - but that doesn’t mean you’re completely out of options. Electronic vaulting is the process of electronically transporting data offsite to a secure location, usually in the cloud. These services provide users with a system for the backup, storage, and recovery of computer files. Sending backups off-site ensures systems and servers can be reloaded with the latest data in the event of a disaster, accidental error, or system crash. Electronic vaulting also allows you to set customized backups and restore points - this is like time travel for your business allowing you to turn back the clock and recover lost files. 

Electronic vaulting is beneficial for large organizations as part of their disaster recovery plan and it’s a great first step for small-office users. When Ransomware or a disaster strikes, and your backup data stored on external drives or USB drives is compromised along with the originals, you'll wish you'd implemented a remote electronic vaulting plan. 

The great news for businesses of all sizes is that electronic vaulting has become far more affordable. This is by far the strongest way to protect your business and it’s worth exploring. 

Show Hidden File Extensions On User Computers 

Most malware uses a hidden “.exe” extension tacked onto the end of a PDF or .docx document. If you enable the user to see the full file extension, it can be easier to spot suspicious files and eliminate them in the first place. By showing hidden file extensions on user computers, you can prevent users from being misled into downloading and running these programs. 

Filter Out .EXE Extensions 

In Emails No email with a .exe extension is a legitimate, important email. If your gateway mail scanner has the ability to filter files by extension, you may wish to deny mails sent with “.EXE” files, or to deny mails sent with files that have two file extensions, the last one being executable (“*.EXE” files). An .exe on an email is almost always a virus, so your IT team should work to filter out these extensions on all company email systems. 

Patch Your Software And Operating Systems Regularly 

A software vulnerability is usually a security hole or weakness found in an operating system or software program. Security vulnerabilities caused by outdated software and operating systems can allow rapid spread of ransomware viruses. You should take every precaution you can to prevent this by keeping your corporate software and operating systems patched and up-to- date. So even though software updates sometimes seem like a hassle, think of it as a preventative measure for your Internet safety. 

Run Comprehensive Antivirus & Malware Solutions On All Systems 

Antivirus and anti-malware solutions are helpful for identifying and destroying specific viruses. A leading anti-virus company was quoted as saying, “a good antivirus product has tools that will help you to schedule a time for a regular virus scan to take place automatically. It will monitor your system and check for viruses introduced by email attachments or through your browser actions, like when you click on links for downloading. It will create log reports that will give you information about what it has found, and if possible, it will attempt to repair any damage that the virus has done.” Ensure that you have a best in class Antivirus and Malware solution on your systems. 

Disable RDP To Reduce Infection Risks 

RDP, or “Remote Desktop Protocol” is a method by which ransomware can spread across multiple machines. RDP allows an infected computer with sophisticated ransomware to open up a connection to another target computer – or even a piece of IT infrastructure – and deploy the same infected files to that computer, locking it up and potentially spreading the virus further. This exploit requires the username/password credentials in the environment to be weak enough to compromise, but attackers are getting more and more sophisticated. End-users generally have no need for RDP, so it should be disabled on all of their computers to reduce infection risk. 

Avoidance Is The Best Protection & Don’t Negotiate If Infected 

As we mentioned in Part 1 of our post, if you are infected, don’t negotiate with your attacker. This just encourages the development and spread of these viruses – and paying a hacker doesn’t guarantee that your files will be decrypted. 

Instead, focus on implementing the simple, easy-to-deploy solutions mentioned above that can prevent an unwanted and costly ransomware intrusion in your business.

For over 15 years, the team at Circadian Force has served small to enterprise level businesses as well as IT Professionals in the areas of disaster recovery, cloud backups, and electronic vaulting. To learn more about their organization, head to Circadian Force.

bootstrap business digital book

I hope you enjoyed this article about understanding the effects of ransomware on your small business and cybersecurity needs.

Interested in more articles about data security & virus protection?

Read My Blog Posts:

- Tips To Shield Your Company From Digital Thieves

- 5 Reasons Why All Companies Need Strong IT Departments

More Bootstrap Business Blog Below

Official Bootstrap Business Blog Newest Posts From Mike Schiemer Partners And News Outlets