Kevin Wilkins CISSP – Chief Technology Officer

Ransomware attacks are still talk of the town – and with good reason.  They’re disruptive, destructive, expensive, and embarrassing.  An attack against a vulnerable organization can bring that company to its knees.

The low-hanging fruit of file shares are first to go, and if the malware has worm capabilities it can spread flattening entire swaths of servers and workstations that might lie in its path.

Backups, resiliency, and a plan for speedy recovery are key. But how does one defend against Ransomware in the first place?

A successful Ransomware is the ultimate result of an exploit.  The exploit gains access, then the Ransomware payload is dropped to do its dastardly deeds.  Good-bye files!

It really brings us back to the fundamentals of CyberSecurity.  Apply those patches (now)!  Screen emails and web connections.  Train your users.  Employ next-generation host security with protection against exploit behavior and script based attacks.  Stop running users as admins.  Block foreign, unmanaged devices from accessing the network, including remote workers – better yet, provide Virtual Desktops instead of direct VPN access.

Oh yeah, and backups.

Keep up the good fight and check those packages for neutrons, gammas, and odd ticking sounds.  If exploits are the suitcase then Ransomware is the nuke-grade bomb hiding within.  But Ransomware is really just a new way to connect the dots between common cyber-destruction and profit.

Malware coders are motivated, but so are we.

Thanks for listening and happy Monday!