Ransomware Attacks continue to be a big problem for a lot of organizations around the globe and in particular right here in Canada and the USA. These are a few tips we suggest all organizations implement as soon as possible.
11 Tips to Help Protect Your Network Against Ransomware
1) SUBSCRIBE TO A "CLEAN DNS"
- Never subscribe to your ISP's DNS defaults. Generally these default DNS servers offer little to no protection against malware and phishers. It is better to subcribe to a Clean or DNS Filtering service such as, "22.214.171.124 for families", "Opendns.com" and "Cisco Umbrella" . This is one of the best, first lines of defense. There are plenty of options to choose from and many of them are free. Make sure you push the Filtered DNS settings out to your DHCP Clients on your network by enabling it in your DHCP Server.
2) APPLY SOFTWARE PATCHES AND KEEP SYSTEMS UP TO DATE
- We have all heard of the term "patch tuesday". Whatever day you choose for installing patch updates make sure you update your servers, workstations, switches and routers on a regualr basis, and keep them up-to-date.
3) CHANGE DEFAULT PASSWORDS ACROSS ALL ROUTERS, SWTICHES and AP's
- This is given, NEVER us default passwords for routers, switches, wifi AP's etc. Also, make sure your passwords are not used anywhere else on the network. A differnet password for each device is good practice.
4) TRAIN YOUR STAFF TO RECOGNIZE SUSPICIOUS EMAILS
- Be careful before you click. Did you know that over 90% of cyberattacks start with a phishing email? Can you confidently say that you can effectively identify Phishing scams? Have your employee's take a phishing test quiz like the one's found at these websites.
5) MAKE IT HARDER TO BROWSE ACROSS YOUR NETWORKS
- The SMB protocol is a server client request-response protocol. All Windows operating systems that can be used for networking-such as Windows 3.11, Windows 95, Windows 98, Windows ME, Windows NT, Windows 2000, and Windows XP-can run SMB as server, client, or both. This protocol is used mainly to connect systems with different operating systems, such as Windows, Linux, and so on. By locking down the SMB protcol on your network you can limit what can be seen on your network.
6) UNDERSTAND WHAT'S CONNECTED TO YOUR NETWORK
- Scan your network regularily using a tools such as NMAP or NMAP NSE. Use a Guest wifi for non-employee's or for employee's with personal devices. Change your password on your Wifi regularily. Limit employee laptops, mobile devices, tablets etc.
7) CREATE AN EFFECTIVE BACKUP STRATEGY
Regardless of the size of the business, every company needs a backup system. This means you need to have a robust backup strategy to keep all your business data safe so as to avoid the loss of crucial information in the event of a mishap.
When it comes to creating a backup, businesses typically have two main choices: onsite and remote backup. Onsite backup refers to storing data on a local storage device, such as hard disk, CDs, magnetic tapes, and hard drives. Remote backup, on the other hand, calls for storing data on an offsite server which can be accessed via the internet.
8) THINK BEFORE YOU PAY A RANSOM
- Before considering paying the ransom to recover your files, we recommend seeing if there is another method for recovery that you can explore. Unfortunately, some ransomware may leave you with the only option of paying the ransom to recover your files. Remember, the people you are dealing with are crooks, just because you pay them, doesn't mean your data will be unlocked.
9) SCAN AND FILTER EMAILS BEFORE THEY REACH YOUR USERS
- Consider using a spam filtering service. Email filters can provide a quick yet dependable guard against malware and ransomware attacks. They work in two ways. First, filters capture spam messages and quarantine them. Email services like Gmail, Yahoo, and Outlook.com include a “Spam” folder that users can review. The second way email filtering works is by scanning for malicious code. Today’s email filters can scan documents, executable files, and zip files before they’re opened.
10) CHECK YOUR NETWORK FOR VULNERABILITIES
- Scan your network regularily for vulnerabilities from the inside and outside - NMAP and NMAP NSE are great tools you can use to Check your Network.
11) MAKE SURE YOUR ANTIVIRUS SOFTWARE IS UP TO DATE
- Lots of malware, viruses, and the likes on the Internet can possibly infect your PC while surfing the web. It is extremely important that your antivirus software is up-to-date so as to keep your PC safe.
Located in Edmonton, AB Canada, Clustered Networks was Incorporated in 2001 and has offered Network / Internet and IT Consulting services for over 20 years. We offer personalized service! Call Us Today! - Click Here for our Contact Info