
The internet is quite a hostile environment in terms of cyber threats. The gravity of this issue is becoming more serious with every passing day. Cyber infiltrators are devising new ways of penetrating networks and inflicting irreparable damage to the victim organization.

8 Tips to Protect MS Windows from Ransomware


Recent trends in major cyber security breaches clearly reveal that organizations of all sizes and sectors are potential targets for cyber criminals. Although the threats in cyberspace are multi-faceted, we will focus this discussion on a very dangerous threat called ransomware.


What is Ransomware?

A cyber-criminal will gain unauthorized access to the internal network of a company and ultimately the repository of data. The infiltrator will then encrypt all the data so that it can neither be accessed nor understood by the affected organization. The encryption technique and complexity may vary with each attack.

Just picture this scenario for a moment. All your data is sitting right in front of you, but you can neither access it nor make any sense of it. If an organization houses sensitive or personal data, this can have very serious implications for that organization.

What Happens Next

Once all the business-critical data of an entity has been accessed and successfully encrypted by the attacker, the affected entity is left with very limited options. Generally, the perpetrator will demand a hefty ransom for decrypting or unlocking the data.


In some rare cases, the attacker may threaten to release the decrypted version of the data over the internet. This is a very dangerous threat, especially if the data is of a sensitive or personal nature. The issue becomes even more complicated if there are strict data protection laws in the relevant jurisdiction.

Tips for Protection

Ransomware is the type of attack in which prevention is the major feasible option. The other is paying a hefty sum as ransom for decrypting your own data. Although these tips are focused on protecting your Windows-based system, most of them should be nearly as effective on other common operating systems (OS).

Backup

As simple as it may sound, this is a highly effective measure for mitigating the damage from a ransomware attack. These backups should be prepared regularly and the interval for the backup should be determined in line with the industry needs.

The pertinent thing to note is that organizations tend to ignore the importance of backups on the pretext of saving cost and time. You obviously need to procure additional storage for creating the backups, and it costs money. Another issue is a wrong mindset that considers creating backups a non-productive and futile exercise.

Off-Premises Backup

A ransomware attack is executed after fully penetrating the organization’s network. Therefore, if the backups are also being created on premises and over the existing infrastructure, it is quite possible that the attacker gains access to the backup repository as well.

In addition to the regular backups, some mechanism must be put in place to ensure that backups are also created off premises. This should be a stand-alone mechanism that has no interface with the existing infrastructure of the organization. Even if an attacker manages to access the on-premises backup, this location still remains isolated.

Older Backups

It is a common mindset that once data gets a bit old, questions about whether it is still relevant start to surface. An organization should not completely disregard its old data backups; they should be maintained over a decent interval, in line with the prescribed regulatory guidelines for the industry.

Built-in Ransomware Protection

Most Windows users tend to underestimate its built-in ransomware protection tool. It should not be ignored; it should be given a fair chance to mitigate the risks. Another important aspect to consider is that this tool, like many others, will work optimally only if it has been configured properly as per recommended guidelines.

Firewalls

These act as a gateway for allowing traffic in and out of an organization’s network and have a pivotal role in preventing any intruder from making it into the network. Regardless of whether your firewall is physical or virtual, it must be configured properly to deliver the intended results.

Windows has a fairly effective firewall and, if configured correctly, it will surely serve as a strong first line of defense against any perpetrator. The firewall should be set up in such a way that it leaves no loophole for an intruder to exploit and gain access to the organization’s data.
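An added example, not part of the original article: a read-only PowerShell audit of the two built-in controls discussed above, the ransomware protection tool and the Windows firewall. It assumes the "built-in ransomware protection tool" means Microsoft Defender's Controlled folder access; the function name Get-RansomwareBaseline is hypothetical.

```powershell
# Added example: read-only audit; run from an elevated PowerShell session.
# Get-RansomwareBaseline is a hypothetical name, not a built-in cmdlet.
function Get-RansomwareBaseline {
    $findings = @()

    # Windows Defender Firewall: each profile (Domain, Private, Public) should be
    # enabled and should not allow unsolicited inbound traffic by default.
    foreach ($p in Get-NetFirewallProfile) {
        $findings += [pscustomobject]@{
            Check = "Firewall profile: $($p.Name)"
            Value = "Enabled=$($p.Enabled), DefaultInbound=$($p.DefaultInboundAction)"
            Pass  = ($p.Enabled -eq 'True') -and ($p.DefaultInboundAction -ne 'Allow')
        }
    }

    # Every enabled inbound allow rule is a deliberate hole in the firewall;
    # report the count so the list can be reviewed (informational, Pass = $null).
    $allow = @(Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True)
    $findings += [pscustomobject]@{
        Check = 'Enabled inbound allow rules'
        Value = $allow.Count
        Pass  = $null
    }

    # Controlled folder access: 0 = Disabled, 1 = Enabled, 2 = Audit mode.
    try {
        $cfa = (Get-MpPreference -ErrorAction Stop).EnableControlledFolderAccess
        $findings += [pscustomobject]@{
            Check = 'Controlled folder access'
            Value = $cfa
            Pass  = ($cfa -eq 1)
        }
    } catch {
        # Get-MpPreference can fail, e.g. when Microsoft Defender is not running.
        $findings += [pscustomobject]@{
            Check = 'Controlled folder access'
            Value = "unavailable: $($_.Exception.Message)"
            Pass  = $false
        }
    }
    $findings
}

Get-RansomwareBaseline | Format-Table -AutoSize
```

If the last check fails, `Set-MpPreference -EnableControlledFolderAccess Enabled` turns the feature on; `AuditMode` logs what would have been blocked without blocking it.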

Layered Approach

This safety recommendation is part and parcel of the firewall, but a slightly different approach is required. A firewall is generally implemented only at the peripheral layer of the network. This means that if an attacker gains access to the network, the entire network is up for grabs.

A better approach to this problem is to adopt a layered firewall structure. Some additional firewalls need to be deployed around the business-critical data and particularly the on-premises backup repository. This will ensure that even if the peripheral network is breached, the damage can be curtailed.

Regularly Update Windows

This has been one of the hallmarks of the Windows OS. Although updates may seem quite irritating at first, their benefits outweigh the brief hassle of downloading and installing them. To enhance the effectiveness of the Windows firewall and ransomware protection, always keep your Windows installation up to date.

The same rule applies equally to any web protection tool, as their developers are constantly analyzing, decoding and trying to prevent future cyber threats. Protection against emerging threats is delivered by constantly releasing updates and patches for the existing version. You must be proactive in installing all updates.

Network Monitoring

This effort will protect not only against ransomware, but also against many other cyber threats. Organizations that find themselves exposed to cyber threats must invest time and resources in network monitoring. It is similar to the human pulse, which gives early warning signs of any problem in the human body.

Conclusion

The above tips are in no particular order and are in no way exhaustive. Cyber security is such a serious challenge that organizations are finding it difficult to cope with cyber threats. Within the domain of cyber vulnerabilities, ransomware attacks are gaining a lot of traction among hackers due to the financial reward.

The very nature of ransomware attacks makes protection against them preventive rather than reactive. Lastly, organizations will have to place the threat of ransomware among their top cyber security priorities. Most of the above tips should be equally effective for operating systems other than Windows as well.