Basic recommendations to minimize Ransomware
Ransomware infects a personal computer or mobile device, blocking the operation and/or access to part or all of the equipment, seizing the files with strong encryption, and demanding a sum of money from the user as a “ransom” to release them.
Prevention is essential to stop Ransomware.
What are the basic recommendations to stop Ramsomware?
- System and application updates. Keep the operating system and applications updated with the latest security patches.
- Line of defense. An anti-malware solution should be installed and maintained, including a firewall configured to allow access only to the necessary applications and services.
- Anti Ransom Tool. It is a specific tool against this type of attacks, which will try to block the encryption process of a ransomware.
- Antispam filter. Many Ransomware attacks are distributed through mass email campaigns. Include advice not to click on links or open attachments from unknown senders.
- JavaScript blockers. This helps minimize the chances of getting infected through web browsing.
- Security policies. Establishment of policies that prevent the execution of directories commonly used by ransomware, such as App Data, Local App Data, etc.
- Accounts with privileges. Do not use accounts with administrator privileges. 86% of the threats against Windows can be avoided in case of using a common user instead of an administrator. For that reason it is important to use for common tasks a common user and only to leave the administrator for when a series of specific tasks of the system are going to be made.
- File extensions. Displaying extensions for known file types is a good practice to identify possible executable files that want to masquerade as another file type.
- Virtual machines. Using virtual machines to isolate the main system is another effective technique. In a virtualized environment, ransomware usually does not materialize.
- Backup. Backing up important data on an external medium is the most effective measure to minimize damage in case of infection.
How can Solutel help you?
-
E-mail ransomware protection
Cisco Cloud Email Security with Advanced Malware Protection (AMP) blocks ransomware delivered through spam and phishing emails. It even identifies malicious attachments and URLs. Email remains the application that ransomware uses most frequently.
-
Web ransomware protection
Cisco Umbrella with DNS and IP layer enforcement stops ransomware on all ports and protocols. Ransomware protection for Endpoints While you cannot completely prevent risky cyber behavior, you can improve the security of your endpoints and servers. Don’t hesitate, ask us! CISCO UMBRELLA: Cloud security platform that provides the first line of defense against Internet threats wherever users are located. CISCO AMP: CISCO AMP for endpoints offers comprehensive protection against the most advanced attacks. Not only does it prevent breaches and block malware at the point of entry, but it also detects, stops and quickly remediates threats if they bypass front-line defenses and manage to sneak through. If something does eventually get through, AMP provides continuous threat monitoring and detection to quickly detect malicious behavior and response capabilities to quickly contain and eliminate threats before damage is done. Conozca las amenazas que se nos vienen encima. Prepárate con CISCO UMBRELLA. CISCO AMP para terminales, evita ataques y bloquea Malware en el punto de entrada. CISCO y el cumplimiento del GDPR Reglamento General de Protección de Datos Administración de políticas de seguridad de la red. CISCO ISE https://www.solutel.com/post/gran-parte-de-mis-procesos-y-de-mis-datos-van-al-exterior-de-mi-red-corporativa-cisco-umbrella/
More information about Cisco Umbrella and Advanced Malware Protection (AMP)
Related news:
