Ransomware: What is it and how do you avoid it? Part 3
Thanks to Sophos Next Generation and their article “How to Stay Protected Against Ransomware” for the research and technical information used within this blog post. For more information on this subject, visit: https://secure2.sophos.com/en-us/security-news-trends/whitepapers/gated-wp/sophos-ransomware-protection.aspx
Staying secure against ransomware isn’t just about having the latest security solutions.
Good IT security practices such as regular training for employees is an essential component for every single security setup.
Make sure you’re following these nine best practices:
1. Patch early, patch often
Malware that doesn’t come in via a document often relies on security bugs in popular applications, including Microsoft Office, your browser, Flash and more. The sooner you patch, the fewer holes there are to be exploited.
2. Backup regularly and keep a recent backup copy off-line and off-site
There are dozens of ways that files can suddenly vanish. Instances such as fire, flood, theft, a dropped laptop or even an accidental delete can have you missing important information. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.
3. Enable file extensions
The default Windows setting is to have file extensions disabled, meaning you have to rely on the file thumbnail to identify it. Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users, such as JavaScript.
4. Open JavaScript (.JS) files in Notepad
Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.
5. Don’t enable macros in document attachments received via email
Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of infections rely on persuading you to turn macros back on, so don’t do it!
6. Be cautious about unsolicited attachments
The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s the one you want, but you can’t tell until you open it. If in doubt leave it out!
7. Don’t give yourself more login power than you need
Don’t stay logged in as an administrator any longer than is strictly necessary and avoid browsing, opening documents or other regular work activities while you have administrator rights.
8. Stay up-to-date with new security features in your business applications
For example, Office 2016 now includes a control called “Block macros from running in Office files from the internet,” which helps protect against external malicious content without stopping you using macros internally.
9. Patch early, patch often!
Staying on top of patches is so important that we’ve included it twice. Don’t let ransomware exploit vulnerabilities that have patches available!
Sources:
Sophos, “How to Stay Protected Against Ransomware.” Retrieved from https://secure2.sophos.com/en-us/security-news-trends/whitepapers/gated-wp/sophos-ransomware-protection.aspx