Protecting Your Organization Against Ransomware Attacks
March 23, 2022
The Goals of Cybersecurity Governance
May 2, 2022
By: Jay Town, Gray Analytics VP & General Counsel
Cyber threats continue to grow in sophistication and complexity as technology evolves. Businesses and agencies of all sizes are being affected, and inattentive or careless employees are one of the primary causes of data breaches at small-and medium-sized businesses. Training for cyber security is paramount in today’s world as the “Human Firewall” is likely the most important line of defense against future cyber incidents. A cyber-aware organization provides a level of defense that cannot be present without adequate training. It is the responsibility of every CEO, principal, and individual to familiarize themselves with the scope of today’s biggest cyber threats and the manner in which those cyber threats can be abated. Helping employees learn what to look for, what not to do, and what to do both proactively and in the event of a cyber-attack or breach will significantly reduce the risk of cyber-related incidents to your organization.
This can sound daunting! Thankfully, there are several practical steps business leaders can take to get their companies well on their way along the roadmap to cyber health.
Assessing the readiness of human capital and providing improvement strategies is the single most important factor in reducing the occurrences of cyber incidents across an organization. Gray Analytics’ extensive knowledge and experience in how people react to threats such as phishing attacks or business email compromise (BEC) will help you create solutions that provide the first line of defense against cyber threats.
Jay Town, former U.S. Attorney and Gray Analytics’ Vice President, General Counsel, and ChainShield™ Lead, has prepared a series on cybersecurity tips and best practices to help business leaders take the first steps to securing their operations. Learn more by reading our additional posts linked below.
Further reading:
- The 11 Critical Cybersecurity Questions Your Company Needs to be Asking Today
- How to Defend Against Today’s Biggest Cyber Threats
- How to Best Protect Your Organization Against Ransomware
What is Malware?
Malicious software, or malware, has many uses for cyber criminals. It allows them to examine critical data and files on your network. They are able to exfiltrate information and data that may be critical to your business or agencies success. Malware can all grant cyber criminals access to personal identifiable information for the individual user, which can then broaden the harms done by this cyber-attack.
Malware is the key weapon used by cyber criminals during a ransomware attack. The most common manner of a ransomware attack is for the malicious software to be delivered through phishing emails or via “drive-by downloads.”
Phishing emails are emails that appear to originate from a legitimate source known to the victim, thereby inviting the user to click on a malicious link or open a malicious attachment. The malware is then downloaded upon that “click event,” and the ransomware attacker is then able to encrypt data or files on the victim’s network.
What Can be Done to Guard Against Malware?
The experts at Gray Analytics have identified the following security practices which can help you reduce the risks associated with malicious software:
- Install and maintain antivirus software. Antivirus software recognizes malware and protects your computer against it. Antivirus software should be installed by a reputable vendor and should always be kept up to date by “patching” or updating the software automatically.
- Use caution with links and attachments. When using email or the internet, take appropriate precautions to reduce the risk of an infection. Use caution before clicking on unsolicited email attachments and email links, even if they seem to come from trusted sources.
- Use an account with limited permissions. It is a wise cybersecurity practice to use an account with limited permissions. Restricted permissions keep the malicious code from spreading and escalating to a broader function (e.g., administrative account).
- Regularly change your passwords. Whether you believe your computer has been infected or not, changing passwords will prevent any “blunt force intrusions” from occurring on your computer. If you believe your computer is infected, immediately change your passwords on all devices on which your account is located (e.g., computer, laptop, cell phone, tablet).
- Keep software updated. Vulnerabilities become known to cyber criminals and they leverage them immediately. Installing software patches on your computer fills the gaps in those vulnerabilities.
- Back up data. Regularly back up your documents, photos, and important email messages to the cloud or to an external hard drive. Your information will not be lost in the event of an infection.
- Install or enable a firewall. Firewalls can prevent some types of infection by blocking malicious traffic before it enters your computer.
- Report to IT Department. If you suspect that your computer or device has been infected with malicious software/ransomware, report this to your IT helpdesk or security office immediately. The IT Department should immediately contact professional cybersecurity providers to remediate against the ransomware threat. The company should be identified in the proactive reaction plan – or Incident Response Plan (IRP) – and that company should be Gray Analytics.
- Regularly monitor your network. Penetration tests and threat hunts should be conducted at least annually in order to look for any digital signatures of malware or previous exfils. If you identify unauthorized or unusual activity, contact your account provider immediately.
- Avoid using public Wi-Fi. Public Wi-Fi is easily hacked, and therefore anyone traversing the internet on public Wi-Fi runs a great risk of cyber intrusion.
What Else Can Organizations Do to Protect Themselves?
The experts at Gray Analytics can tailor your cybersecurity needs to your cyber threats and risks. Whether it be hardening your network, training your employees about cyber threats, or penetrating your network to search for cyber threats, Gray Analytics can help.
The cybersecurity best practices listed below can help organization assess their cybersecurity needs and cyber threat exposure:
- Elevate cybersecurity risk management discussions to the company CEO and the leadership team.
- Implement industry standards and best practices rather than relying solely on compliance standards or certifications.
- Evaluate and manage organization-specific cybersecurity risks.
- Develop and exercise cybersecurity plans and procedures for incident response, business continuity, and disaster recovery.
- Retain a quality cybersecurity partner for both proactive and reactive cyber measures.
- Maintain situational awareness of cybersecurity threats.
Ransomware Attacks are Becoming More Common and More Costly
According to Cybersecurity Ventures, ransomware was expected to attack a business every 11 seconds by the end of 2021, and damage costs were predicted to reach $20 billion (LINK). The federal Cybersecurity and Infrastructure Security Agency lists backing up your data as the first action to take today to make sure you are not tomorrow’s headline (LINK).
Comprehensive assessments of people, process, and technology are paramount to understanding the ability of an organization to detect, defend, and recover from a cyberattack. Gray Analytics provides the depth and breadth of expertise to review and understand your organization’s cyber landscape in all three domains.
Engaging with Gray Analytics’ team of experts to perform a comprehensive assessment of your operation can help you feel confident that risks to your business are clearly identified and effectively mitigated.
