4 Critical Ransomware Prevention and Recovery Steps Enterprises Should Take

Hackers have learned to attack where the money is and that means enterprises are among the ripest targets of all. We’re talking big money: according to IBM’s annual study of the financial impacts of data breaches on organizations, the average cost is $3.92 million. Even worse, Symantec’s 2019 Internet Security Threat Report found that in 2018, enterprises accounted for 81 percent of all ransomware infections. The statistics are enough to frighten anyone responsible for securing an enterprise. But there are steps you can and must take to prevent successful malware and ransomware attacks. You must be certain you are ready if (or more likely when) an attack occurs. So, take a step back and assess how well prepared your enterprise is if disaster strikes:

1. Train Your People to Recognize Suspicious Emails

Verizon’s 2019 Data Breach Investigation report found that phishing was involved in nearly one-third of data breaches, while 94% of malware was delivered via email. So, teach your people what to look for—including enticing email subject lines, spoofing, and suspicious links and attachments—so they don’t invite ransomware in.

 2. Keep Your Antivirus Software Up to Date

Sure, this seems obvious, but up to date really means now and not tomorrow. There were 24,610,126 unique malicious objects detected by Kaspersky’s web antivirus solution in 2019. Let that number sink in. Sometimes even large enterprises don’t put every patch in place as quickly as they should. Make sure your antivirus software is continuously updated to block every kind of attack, and include email scanning and filtering that can contain phishing attacks.

3. Know Your Network, Protect It Too

Make sure you have the tools you need to know what’s happening across your network. That includes tracking personal mobile devices that may offer hackers a backdoor into your network. Many of these devices lack the built-in security found on corporate machines. Developers are also a favorite target for phishing attacks because they have admin access across multiple systems. Segmenting networks helps reduce risks by limiting and securing the number of admin accounts. Change your default passwords across all access points, too. You’d be surprised how many successful brute force attacks (where hackers use bots to hack passwords) are the result of enterprises failing to use strong passwords or change default passwords.

4. Put an Effective Backup and Disaster Response (DR) Plan in Place

Whether it’s a ransomware attack or a natural disaster, there’s no substitute for preparation. Establish a backup and business continuity strategy and plan that meets your recovery time objective (RTO) and recovery point objective (RPO), and make sure your backups follow the 3-2-2 backup rule, which you can read more about on our blog. An effective backup strategy is your best defense against the consequences of a disaster. A comprehensive DR plan should address your inventory assets and services in addition to your data. You must also establish a disaster recovery team and define responsibilities and include a communications plan. You’ll find a checklist for IT disaster recovery planning here on our blog. Whether your enterprise is large or small, the damage done by a successful attack can be painfully destructive. The best offense is a good defense, and solid planning and preparation. Make sure your DR plan is up to date and your backup strategy is bulletproof. Then, when disaster strikes, you’ll know exactly what to do.