pctechguide.com

  • Home
  • Guides
  • Tutorials
  • Articles
  • Reviews
  • Glossary
  • Contact

10 tips to avoid ransomware

Cybersecurity threats are costly nightmares. According to the FBI’s 2020 Internet Crime Report, ransomware attacks in the United States alone cost U.S. organizations more than $29.1 million last year. The U.S. government considers that paying the ransom is entering a vicious cycle that will motivate more extortion by cybercriminals.

Valther Galván, CISO of a SOFIPO in Mexico, considers that this scourge affects different aspects of companies. For example, it impacts business continuity, causes reputational damage, loss of customers, among other things.

There are a lot of things that should be done to stop ransomware, which includes using stronger encryption. Mid-sized and large organizations often resort to endpoint privilege management which is a powerful encryption model used along PAM (privileged access management) to protect endpoints, users, and identities.

To respond to this type of threat, Galván believes that a combination of elements is required to adequately protect organizations. “This includes aligning to solid security practices, as well as implementing innovative prevention and detection schemes for advanced persistent threats. But in particular, taking preventative measures.” The executive recommends 10 actions to protect against ransomware.

Cybersecurity Decalogue
Make users of organizations aware of how threats work and, above all, how to prevent them. -This point usually coincides with multiple perspectives.
Limit access permissions to users’ computers by applying hardening techniques that prevent employees from running software with administrative privileges.
To increase the security of the accesses relying on mechanisms like the double factor of authentication or advanced solutions to strengthen the corporate access.
Implement solutions to prevent users from clicking on links they have received in the mail. Although awareness has been created among users so that they do not click on suspicious links, this requires greater emphasis, because security involves people, processes and technology.
Protect information by having it properly identified and backed up. It must be encrypted and protected from unauthorized access.
Increase the visibility of the technological infrastructure. Many organizations today do not have complete visibility of what is happening inside their organizations, at least in terms of networks and communications.
Perform multiple analyses of cybersecurity events. These analyses will have to be assisted by incorporating AI engine tools to automate the massive processing of logs, system logs, to filter out ‘false positives’ and focus on the events that could really be significant.
Segregate the network. This is critical to facilitate action to contain any cyber threats.
Implement cybersecurity tools capable of detecting advanced persistent threats (APTs) and lateral movement. Primarily those that are non-signature based and use AI and ML engines.
Rely on a framework or standard. There are frameworks such as the MITRE Attack, a comprehensive matrix that gathers and classifies techniques and tactics used by attackers, which includes very specific ransomware techniques in a category called “impact.” Its information allows security teams to see how they can be attacked or review their abilities to detect and stop such threats and plan for optimal protection.

Ransomware, an evolving threat
Ransomware uses social engineering to entice the user to perform an action on their computer or mobile device. Clicking a link, entering a USB drive or visiting a website can put the entire organization at risk. When the victim falls, the attacker can escalate privileges and identify the information handled by the user for subsequent hijacking through encryption.

Galván recalls that in the late 1980s, the first documented ransomware appeared: the AIDS Trojan or PC Cyborg Trojan. It was released on floppy disk in 1989 and resulted in a wave of extortion threats at the beginning of this century. However, it did not come to the attention of the general public until another, more advanced threat called CryptoLocker appeared in 2013.

From there it has evolved into the famous WannaCry, which is considered one of the most devastating and economically impactful attacks. This, along with NotPetya, was very successful due to the implementation of exploits, as the interviewee points out.

Since criminals are always looking for ways to optimize their operations and generate more profit, they were inspired by as-a-service models to create RaaS, whose providers offer all the necessary attack components to generate ransomware campaigns. With this latent risk, following a decalogue like the one proposed by Galván could be a lifesaver to prevent being affected by this threat.

Filed Under: Computer Security

Latest Articles

Dealing with Excel VBA Macros

In this tutorial we will provide an overview of the topic of VBA Functions and User-defined Functions (UDF). We will mention the practices in approaching macros without arguments, functions with one argument and functions with two arguments. We will see some examples of functions with each of these … [Read More...]

Is Etsy the Right Online Marketplace for Your Ecommerce Business?

Etsy is a great place to consider opening an online store. However, it is not without its drawbacks. You need to do your due diligence and know what other online markets are available. You will decide whether Etsy is the right fit. What are the 3 strengths and 3 weaknesses of Etsy? I'm not … [Read More...]

SCSI External Config

This particular scanner has been shipped with a SCSI ID factory setting of 5. Since that's not going to cause any conflict with other SCSI IDs, the setting may be left as it is. … [Read More...]

Gaming Laptop Security Guide: Protecting Your High-End Hardware Investment in 2025

Since Jacob took over PC Tech Guide, we’ve looked at how tech intersects with personal well-being and digital safety. Gaming laptops are now … [Read More...]

20 Cool Creative Commons Photographs About the Future of AI

AI technology is starting to have a huge impact on our lives. The market value for AI is estimated to have been worth $279.22 billion in 2024 and it … [Read More...]

13 Impressive Stats on the Future of AI

AI technology is starting to become much more important in our everyday lives. Many businesses are using it as well. While he has created a lot of … [Read More...]

Graphic Designers on Reddit Share their Views of AI

There are clearly a lot of positive things about AI. However, it is not a good thing for everyone. One of the things that many people are worried … [Read More...]

Redditors Talk About the Impact of AI on Freelance Writers

AI technology has had a huge impact on our lives. A 2023 survey by Pew Research found that 56% of people use AI at least once a day or once a week. … [Read More...]

11 Most Popular Books on Perl Programming

Perl is not the most popular programming language. It has only one million users, compared to 12 million that use Python. However, it has a lot of … [Read More...]

Guides

  • Computer Communications
  • Mobile Computing
  • PC Components
  • PC Data Storage
  • PC Input-Output
  • PC Multimedia
  • Processors (CPUs)

Recent Posts

Direct3D

The key to the way Direct3D (D3D) allows the game developer to author games independently of PC's hardware is its … [Read More...]

Switch & Sync Software Review

PROS: Switch & Sync is one of the easiest products to use in the synchronization area. CONS: Wireless users will not be able to use this … [Read More...]

5 Tips to Improve Your Data Security

In this day and age, data breaches are a major concern for many businesses across the globe. In the first six months of 2019, 4.1 billion records were … [Read More...]

[footer_backtotop]

Copyright © 2025 About | Privacy | Contact Information | Wrtie For Us | Disclaimer | Copyright License | Authors