By Jason Howells, Barracuda MSP
All businesses would like to be proactive in keeping themselves safe from cyber criminals. So what is the next big ransomware variant on the horizon, and what can you do to protect yourself? The truth is, it is incredibly hard to predict what the next big ransom attack will be, which is why it is vital that you have the necessary technical safeguards in place. Summer holidays are officially over, so you need to dust off your school shoes and begin educating yourselves about ransomware now.
To dive deeper into the specifics of why attacks like WannaCry were so successful, how NotPetya surfaced, and how to safeguard yourselves from future threats, here are some top tips and advice on how to stay safe and out of the Head Teacher’s office.
The School Bully
Recent months have certainly put ransomware back in the spotlight. First the WannaCry attack went global in a matter of days, and then the NotPetya attack hit businesses harder than a teacher hitting the desk with a ruler.
These attacks seem to have stemmed from a leak by a famous hacker group called the Shadow Brokers. This leak contained multiple zero-day exploits (exploits for vulnerabilities previously unknown to the vendor), including EternalBlue, which WannaCry used to infect thousands of computers in May.
Microsoft released a patch back in April to safeguard users from attacks against nine vulnerabilities on the Shadow Brokers NSA exploit list — including EternalBlue — but numerous end-users who were on legacy systems or hadn’t patched their systems fell victim to the attack and ended up having their heads flushed down the toilet.
Today, everyone is at risk from a ransomware attack—no matter how big or small your business is. Keeping business-critical data safe is no easy task, and you could fall victim to the next attack. To reduce your chances of being hit with an advanced threat, follow these best practices.
Be on the lookout. Secure commonly exploited threat vectors. Threats can infiltrate networks in various ways. To mitigate risks, deploy robust solutions, such as an email security solution and a next-generation firewall, and secure web applications, remote users, and the network perimeter.
Know their game. Educate users on how to detect social engineering threats. Phishing attacks and spear phishing attacks continue to become more sophisticated—and even savvy users fall victim to them daily. Continue to educate yourselves on how to identify phishing attempts and protect your organisation from these threats.
Don’t give them any ammunition. Keep systems updated. It takes only one vulnerable area to leave the back door open on a network. WannaCry highlighted the importance of keeping up with routine patches. Businesses tend to be slower to implement patches in their network because they want to make sure each patch will work with their current environment. Don’t wait too long to implement a patch, though, because the delay could leave you vulnerable.
Bring Back-up. Back up business-critical data often. Find a reliable backup solution that enables you to restore business-critical data within short recovery point objective (RPO) and recovery time objective (RTO) targets, and then test the backups often. If you do fall victim to an attack, you can simply restore from the most recent backup set to get up and running again quickly.
No one is invincible; anyone, including you, can fall victim to an advanced threat at any time. But putting the right solutions and procedures in place can help mitigate the risks and severity of an attack. While no one knows what the next big thing will be when it comes to ransomware, following these best practices could be the difference between a pass and a fail.