Basic recommendations to minimize RansomwareMaria Cruz Alcocer
Basic recommendations to minimize Ransomware
Ransomware, infects a personal computer or mobile device, blocks the operation and / or access to part or all of the equipment by seizing the files with strong encryption and requires the user an amount of money as “rescue” to free them.
Prevention is essential to stop Ransomware.
What are the basic recommendations to stop the Ramsomware?
- System and application update. Keep the operating system and applications updated with the latest security patches.
- Line of defense. It is convenient to install and maintain an antimalware solution, including a firewall configured to allow exclusive access to the necessary applications and services.
- Anti Ransom tool. It is a specific tool against such attacks, which will try to block the encryption process of a ransomware.
- Spam Filter. Many of the Ransomware attacks are distributed through massive email campaigns. Include the advice not to click on links or open attachments from unknown senders.
- Security politics. Establishment of policies that prevent the execution of directories commonly used by ransomware, such as App Data, Local App Data, etc.
- Accounts with privileges. Do not use accounts with administrator privileges. 86% of threats against Windows can be avoided if a common user is used instead of an administrator. That is why it is important to use a common user for common tasks and only leave the administrator for when a series of specific system tasks will be done.
- File extensions. Showing extensions for known file types is a good practice to identify possible executable files that want to impersonate another type of file.
- Virtual machines. Using virtual machines to isolate the main system is another effective technique. In a virtualized environment the action of ransomware does not usually materialize.
- Backup. Making backup copies, hosted in an external environment, of important data is the most effective measure to minimize damage if infected.
How can Solutel help you?
Email ransomware protection
Cisco Cloud Email Security with Advanced Malware Protection (AMP) blocks ransomware delivered through spam and phishing. It even identifies malicious attachments and URLs. Email is still the application that ransomware uses most frequently
Web Ransomware Protection
Most ransomware attacks use DNS. Cisco Umbrella with DNS and IP layer application stops ransomware on all ports and protocols. Stay protected with Umbrella whether you are in or out of the network.
Endpoint ransomware protection
Cisco Advanced Malware Protection for Endpoints prevents ransomware files from being held hostage to your system. While you cannot completely avoid risky cyber behavior, you can improve the security of your endpoints and servers.
More information about Cisco Umbrella and Advanced Malware Protection (AMP)
CISCO UMBRELLA: Cloud security platform that offers the first line of defense against threats on the Internet wherever users are located.
- Cisco Umbrella gives full visibility of Internet activity from all locations, devices and users.
- Block threats before they reach your network or endpoints.
- Protection against threats like no other: malware blocking, callback calls and phishing returns.
- Predictive intelligence: automates threat protection by discovering attacks before launch.
- Worldwide coverage in minutes: no hardware to install or software to maintain.
- Security reports: get a personalized summary of malicious requests and more, directly in your inbox.
CISCO AMP: CISCO AMP for terminals, offers complete protection against the most advanced attacks. Not only does it allow you to avoid gaps and block malware at the point of entry, but it also detects, slows down and quickly fixes threats if they evade front-line defenses and manage to sneak in. If something finally gets introduced, AMP provides continuous monitoring and threat detection to quickly detect malicious behavior and response capabilities to quickly contain and eliminate threats before damage occurs.