In the current era of digitalization, the security of data has become very important. Too much of online association has increased the probabilities of different kinds of cyber attack – one being ransomware. There are several cases of online fraud where individuals or groups have been attacked and delicate information has been whipped.
How ransomware takes place?
Ransomware, a type of malware, is used by cyber thefts to extort money. It holds data to ransom using encryption or by locking users out of their device. This is often spread through phishing emails that contain malevolent attachments. Email may look like it is from a legitimate company, and the victim might be asked to click on a link or an attachment to save money on gifts. But on clicking the link, the data could get stolen via malware.
Ransomware can also take place through drive-by downloading. This occurs when a user unintentionally visits an infected website and then malware is downloaded and installed without the user’s awareness.
Threat to enterprises
The proliferation of digital modes has undoubtedly made things feasible for most of us but at the same time, it has given birth to challenges like ransomware.
This malware has been a prominent threat to enterprises. While ransomware attacks on consumers have deteriorated, enterprise ransomware attacks have seen a more than 300 per cent increase in 2018, an online report said.
According to another media report, the first known ransomware attack occurred in 1989 and targeted the healthcare industry. And the story still continues. Several cases are available where an enterprise has been attacked by ransomware.
How can that be controlled?
There are a number of ways how enterprises can mitigate such attacks:
Making the employees aware of security threats is very significant. They can serve as the first line of defense to combat online threats and can aggressively help stop malware from infiltrating the organization’s system. An advisory mail can be sent to employees stating ‘Do’s and Don’ts to create more cyber awareness. They could also initiate a webinar to demonstrate the same live.
Creating data backup
Enterprises should create their data backup and recovery plan for all critical information. Backups are significant for lessening the impact of potential malware threats. The data can be stored in a separate device or in an offline mode. This ensures that the data is already secured at someplace.
Creating endpoint security
Another vital thing that enterprises should ensure is creating endpoint security. This can definitely help enterprises in saving themselves from any kind of malware and cyber-attack. Vendors providing total endpoint protection software offer basic antivirus and additional security with remediation features.
Using remote access via VPN
With remote access VPNs, firms can establish secure connections between their networks and the devices used by offsite employees. Once connected, the employees can access the resources on the network, just as if their devices were physically plugged into it. This can act as an added security measure.
Additionally, mac binding and two-factor authentication should be enabled to ensure that only protected office laptops/mobiles are being used by employees for connecting to internal office resources.
This is a must-have for any enterprise. Antivirus can remove malicious software from systems. Even something as simple as Windows Defender—which comes built-in to Windows 8 and above—is adept at protecting systems, files, and online activities from viruses, malware, spyware and other digital threats.
Anti-virus and IPS signatures of Gateway Security appliance such as NextGen Firewall should be updated by the firms. Alike, nextgen firewalls, policies of virtual firewalls and CASB should also be reviewed. Mac binding and two-factor authentication should be enabled on Virtual Firewalls too.
Sandboxing should be enabled.
These steps can for sure eradicate malware threats before they infiltrate into the network.