pctechguide.com

  • Home
  • Guides
  • Tutorials
  • Articles
  • Reviews
  • Glossary
  • Contact

10 tips to avoid ransomware

Cybersecurity threats are costly nightmares. According to the FBI’s 2020 Internet Crime Report, ransomware attacks in the United States alone cost U.S. organizations more than $29.1 million last year. The U.S. government considers that paying the ransom is entering a vicious cycle that will motivate more extortion by cybercriminals.

Valther Galván, CISO of a SOFIPO in Mexico, considers that this scourge affects different aspects of companies. For example, it impacts business continuity, causes reputational damage, loss of customers, among other things.

To respond to this type of threat, Galván believes that a combination of elements is required to adequately protect organizations. “This includes aligning to solid security practices, as well as implementing innovative prevention and detection schemes for advanced persistent threats. But in particular, taking preventative measures.” The executive recommends 10 actions to protect against ransomware.

Cybersecurity Decalogue
Make users of organizations aware of how threats work and, above all, how to prevent them. -This point usually coincides with multiple perspectives.
Limit access permissions to users’ computers by applying hardening techniques that prevent employees from running software with administrative privileges.
To increase the security of the accesses relying on mechanisms like the double factor of authentication or advanced solutions to strengthen the corporate access.
Implement solutions to prevent users from clicking on links they have received in the mail. Although awareness has been created among users so that they do not click on suspicious links, this requires greater emphasis, because security involves people, processes and technology.
Protect information by having it properly identified and backed up. It must be encrypted and protected from unauthorized access.
Increase the visibility of the technological infrastructure. Many organizations today do not have complete visibility of what is happening inside their organizations, at least in terms of networks and communications.
Perform multiple analyses of cybersecurity events. These analyses will have to be assisted by incorporating AI engine tools to automate the massive processing of logs, system logs, to filter out ‘false positives’ and focus on the events that could really be significant.
Segregate the network. This is critical to facilitate action to contain any cyber threats.
Implement cybersecurity tools capable of detecting advanced persistent threats (APTs) and lateral movement. Primarily those that are non-signature based and use AI and ML engines.
Rely on a framework or standard. There are frameworks such as the MITRE Attack, a comprehensive matrix that gathers and classifies techniques and tactics used by attackers, which includes very specific ransomware techniques in a category called “impact.” Its information allows security teams to see how they can be attacked or review their abilities to detect and stop such threats and plan for optimal protection.

Ransomware, an evolving threat
Ransomware uses social engineering to entice the user to perform an action on their computer or mobile device. Clicking a link, entering a USB drive or visiting a website can put the entire organization at risk. When the victim falls, the attacker can escalate privileges and identify the information handled by the user for subsequent hijacking through encryption.

Galván recalls that in the late 1980s, the first documented ransomware appeared: the AIDS Trojan or PC Cyborg Trojan. It was released on floppy disk in 1989 and resulted in a wave of extortion threats at the beginning of this century. However, it did not come to the attention of the general public until another, more advanced threat called CryptoLocker appeared in 2013.

From there it has evolved into the famous WannaCry, which is considered one of the most devastating and economically impactful attacks. This, along with NotPetya, was very successful due to the implementation of exploits, as the interviewee points out.

Since criminals are always looking for ways to optimize their operations and generate more profit, they were inspired by as-a-service models to create RaaS, whose providers offer all the necessary attack components to generate ransomware campaigns. With this latent risk, following a decalogue like the one proposed by Galván could be a lifesaver to prevent being affected by this threat.

Filed Under: Computer Security

Latest Articles

Keep Corporate Data Safe

Everyday we hear about some a company having its network and data breached. The scary part is it is done to large corporations that we assume have multimillion dollar IT security budgets. We presume them to be impenetrable. The fact is it can happen anywhere. Facing a data breach can be expensive … [Read More...]

Graphics Card Driver Un-Installation

It's important to uninstall your existing drivers so as to avoid any potential conflict with those for your new card. If the drivers in question came with their own uninstall utility, then use that. If not, the odds are that you'll be able to remove its drivers via Add/Remove Programs, … [Read More...]

Solid state hard drive (SSD) technology guide

A solid state drive is a storage device that uses solid state memory to store data. While technically not a disk, a solid state drive will often be referred to as a solid state disk drive, or a solid state disk, in reference to the fact that, in some ways, it replaces the traditional … [Read More...]

Revolutionize Your Internet Experience with Orbi 960 – The Ultimate WiFi System

In a world where seamless connectivity is essential, slow and unreliable internet connections are a major problem. Whether you are running a business, … [Read More...]

Do You Need a VPN When Trading Cryptocurrency?

There’s no doubt that the biggest global industries in 2023 are tech-driven, while there remains a significant crossover between many of these … [Read More...]

Goodbye Bitcoin: the 3 alternative cryptocurrencies that have great upside potential, according to experts

Bitcoin has been a very lucrative investment for people that got into it early. One report from The Motley Fool pointed out that $10 of bitcoin … [Read More...]

Self-driving cars face their Achilles’ heel and may be targets of hackers

The market for self-driving cars is booming. Customers spent $22.22 billion on these autonomous vehicles in 2021 and they will likely spend more in … [Read More...]

How to avoid scams with bitcoin and other cryptocurrencies

Cryptocurrencies got a bad reputation when scams multiplied like ants on a piece of cake. Even today many people associate bitcoin and other … [Read More...]

WHAT IS CLOUD COMPUTING AND WHAT ARE ITS MAIN BENEFITS?

Users are Increasingly using cloud computing to store their information, which is replacing local storage. The business digitization process goes … [Read More...]

Guides

  • Computer Communications
  • Mobile Computing
  • PC Components
  • PC Data Storage
  • PC Input-Output
  • PC Multimedia
  • Processors (CPUs)

Recent Posts

AMD 3DNow

With the launch of K6-2, in May 1998, AMD stole something of a march on Intel, whose similar Katmai technology was not due for release until up to a … [Read More...]

UTRAN

UTRAN Definition: UMTS Terrestrial Radio Access Network: the name of the WCDMA radio network in UMTS. … [Read More...]

Add Folders to Start Menu in Windows

I've been talking a little lately about how to keep your desktop more organized. I absolutely hate clutter on the desktop. It makes finding things a … [Read More...]

[footer_backtotop]

Copyright © 2023 About | Privacy | Contact Information | Wrtie For Us | Disclaimer | Copyright License | Authors