I was planning for my summer trip to England while watching some shows in the background. You know, the usual due diligence—digital copies of my passport, updating my itinerary, and having backup activities planned just in case the notorious London rain decides to make an appearance. Seemingly mundane activities that are so very critical to my plans if I want to truly enjoy my vacation. After all, how can I enjoy something if I don’t have sufficient peace of mind?
As a Security Architect, preparing for untoward incidents is pretty much in my job description. Rain may spoil a day of vacation, but issues like ransomware present a unique and really frustrating problem for those of us who deal with data security issues almost daily as they can have a detrimental impact on business operations.
Avoiding cyberthreats and safeguarding precious data has been covered extensively by many agencies across the globe. In fact, the Department of Homeland Security (DHS) considers ransomware such a significant threat that it saw fit to recommend some best practices that will help businesses, organizations, and even individuals thwart and be prepared for a ransomware attack.
I’ll go over the five guidelines issued by the DHS:
1. Establish Perimeter Defense
A perimeter defense forms the first line of defense for any security system. It includes firewalls, Intrusion Detection Systems, Virtual Private Networks (VPNs), and application proxies. The basic idea — stop any attack from penetrating through to your data. I think of this like a hard shell. Hard to penetrate and specifically designed to keep intruders out.
Although it is often used as a standalone security system, I need to follow several guidelines in order to ensure its effectiveness. Even the most advanced perimeter defense systems can potentially be infiltrated by a hacker and cannot protect my data against mistakes made by either employees or customers.
Now, perimeter defense can go the other way as well. Make sure that my employees and customers have access only to permissions that they absolutely need. Restricting access to run third-party programs, for example, goes a long way in shielding my data from potential threats.
2. Update and Patch Vulnerabilities Regularly
Although this guideline is probably the most well-known, it is also the most blatantly ignored of all. New security vulnerabilities are discovered every day. From operating systems to in-house applications, no software is truly secure from the get-go. Unfortunately, miscreants know this.
Did you know that the infamous Equifax data breach was preventable? A simple update to their software would have patched the very vulnerability that was exploited to hack them.
Not patching a vulnerability that has been fixed in an update can have serious consequences. Once a vulnerability is patched in an update, the vulnerability itself becomes common knowledge. What does this mean? It instantly increases the number of people who know about this vulnerability, thereby increasing the probability of an attack. Hackers can pinpoint exactly what is being fixed in a particular update and target systems (organizations) that have put off said update for later.
3. Educate End-users About Cybersecurity
Much like I would read about a country that I’m traveling to before taking a trip, it’s important to know about various threats out there.
Educating both users and employees about cybersecurity is as integral to it as deploying firewalls or updating software. This DHS guideline re-focuses on the human aspect of cybersecurity. As I mentioned earlier, even the best cybersecurity systems are doomed to fail if someone on the inside inadvertently opens a malicious file or link.
In addition to teaching good online practices for websites, end-users should be educated about the different kinds of threats online. From phishing to malicious email attachments, the Internet is crawling with threats that are waiting to penetrate your systems, personal blogs, and access sensitive data.
4. Create Regular Data Backups
Even though I can take the utmost care to make sure nothing goes wrong on my trip, I can’t not prepare for the worst. What happens if my luggage gets stolen? That’ll certainly be a problem if I decided to pack all my backup documents and traveler’s checks in the same place.
The same concept can be applied to data as well.
Keeping backups is a no-brainer today. Maintaining an up-to-date backup gives you a safety net, just in case something goes wrong and an attacker gets past all your defenses. However, if I decide to store backups on a common network or third-party cloud provider, I’m not safeguarding it at all. Any attacker getting access to the network can infect my precious backups as well.
Ideally, data backups should be kept offline and away from the reaches of the Internet. Moreover, all data should be encrypted as well. So, in case a hacker does manage to access them, he/she still won’t be able to read the data itself.
In fact, our DataKeep solution focuses on easing this process. Not only does it tighten access controls to narrow the threat surface, but it also applies advanced encryption to protect the data itself in the event of an attack and makes it possible to recover rapidly.
5. Monitor Environmental Anomalies
With ever-increasing threats like ransomware lurking about, the Internet is turning into that dark alley in a foreign place I wish I could avoid but can’t.
In fact, ransomware is not just ‘some threat’ anymore. It has become very real in the past few years and incidents continue to increase at an alarming pace—affecting not only critical organizations like hospitals and law enforcement agencies, but also taking down entire cities.
Just ask the City of Atlanta.
On March 22nd, Atlanta saw an attack that affected multiple applications and client devices across the city. Critical city data was encrypted and locked; citizens and customers lost access to city applications. A combination of unpreparedness and unawareness caught an entire city by surprise, which then went on to spend a hefty sum to recover all their data. The leaders would’ve done well to follow these recommended ransomware best practices.
Is your local community prepared for a similar ransomware attack? This free infographic will help you assess your cyberattack preparedness!