780.424.2727 email
get a Quote
Cyber Liability: How to Proactively Defend Against Ransomware
November 8, 2021

Cyber Liability: How to Proactively Defend Against Ransomware

Ransomware threats happen when an attacker plants malware on a system that encrypts all the files, making the system useless. Then the attacker offers to sell the victim the key needed to decrypt the files. If the ransom is not paid, the attacker will either delete the key or publish the data publicly.

Cybersecurity company Emsisoft estimates that ransomware demands increased by more than 80 per cent globally in 2020, with hundreds of millions of dollars estimated to have been paid out in ransoms in Canada alone. These types of attacks can be detrimental to an organization, which is why prevention is paramount.

The following tips will help proactively defend against ransomware threats:

  • Segment networks. Separate network hosts into various zones. This will help slow down advanced threats and limit the damage from fast-spreading ransomware. Additionally, an organization should have a demilitarized zone that separates the internet from the internal network.
  • Proactively monitor networks. Networks should be monitored daily through a process performed by someone on staff, likely a member of the IT department. Although there are security tools that will do this, their logs and events often go unchecked, making them ineffective.
  • Prevent attackers from gaining remote access. Ransomware is increasingly deployed by attackers who have gained access remotely via exposed services such as Remote Desktop Protocol (RDP) or unpatched remote access devices. Close these entryways by disabling RDP if it’s not needed or enabling multifactor authentication at all remote access points into the network.
  • Make regular backups of important files. Up-to-date backups are the most effective way of recovering from a ransomware attack. Check that the appropriate members of the organization know how to restore the backup and test it regularly to ensure that it works as expected. It may also be a good idea to make multiple copies of files using different backup solutions and storage locations for added protection.
  • Prepare for an incident. Ransomware attacks can be devastating for organizations because computer systems are no longer available to use. Every organization should have a recovery plan in place, which should include an incident management plan that is practised periodically.

Did you know that 60% of small and medium businesses don’t survive after a cyber attack. Protect your business with Cyber Insurance, call us at 780.424.2727 or click here to get a quote.