Malware has been around for nearly 40 years, longer even than the World Wide Web, but ransomware is a different kind of threat, capable of crippling a company and damaging or destroying its critical data.
And the threat is growing. Estimates vary, but a recent FortiGuard Labs Global Threat Landscape Report found an almost 10-fold increase in ransomware attacks between mid-2020 and mid-2021. No sector has been spared from its ravages.
Basic cybersecurity defenses still apply: next-generation firewalls (NGFW), endpoint detection and response (EDR) platforms, employee cybersecurity training, and patching. As most malware comes via email and websites, don’t overlook the importance of gateways.
Zero trust is an important new tool to add to all that, essentially walling off your most important data. Machine learning-based behavioral detection is also of growing importance, recognizing attacks by detecting anomalous behavior. And a SIEM is always a good idea for centrally managing everything.
Ransomware Protection and Recovery Steps
But ransomware requires additional steps even beyond that, and the extraordinary damage and cost victims incur make them worth the expense.
The first is high-integrity, air-gapped data backups, which are the quickest and cheapest way to recover from an attack. But “recover” is a key term: make sure you have the bandwidth to restore your data quickly.
Ransomware removal tools
The second piece – which your EDR vendor, for example, may already offer – is a ransomware removal tool that may be able to decrypt your data and remove the ransomware quickly, and possibly even block an attack before it gets anywhere. There are also free ransomware decryption resources on the internet to help you.
Ransomware recovery services
The final piece you should consider is an arrangement with a ransomware recovery service, in place before a crippling ransomware attack occurs. It may be the thing that keeps you in business.
These three ransomware protection and recovery steps by themselves, we should note, won’t protect a company from intellectual property (IP) theft or from having embarrassing secrets revealed; they’re aimed mainly at getting a company back up…