Protect your organization from ransomware & phishing attacks by Tom Reminga - Technology Resource Advisors, Inc.
In today’s technology landscape — which includes email as the preferred communication tool and internet browsing as the conduit of information—organizations of all sizes are at risk from cyber attacks. The latest large scale ransomware attack dubbed “WannaCry” was first detected the morning of May 12, 2017 and affected an estimated 200,000 computers globally. As the methods of intrusion become increasingly sophisticated, protection of your organization’s data should be a top priority. Here are some quick protection tips in order of importance:
End User Education
Most hacker attempts are no longer attacks on firewalls or servers. It is far easier for a nefarious character to pose as a known entity or a trusted brand. Identification of oddities, suspicious timing, or peculiar content in the form of email messages or websites are keys to prevent infections. Ongoing training of your end users to identify common tactics used by hackers will greatly reduce the potential for a virus outbreak.
This tool is the first line of defense when it comes to e-mail phishing attacks and scams. In-depth heuristics and verification methods are critical to eliminate the majority of e-mail phishing attempts.
Secure E-Mail Environment
Many organizations may be unaware of simple and often overlooked configuration details that allow spam filters to work at their top potential. Default configurations may allow invisible hackers to pose as users allowing the transmission of malicious e-mails through the organization’s e-mail server.
Since there is no guaranteed method to prevent all intrusions, a reliable offsite backup solution is extremely valuable when a breach occurs. Utilizing cloud-based backup solutions that can run multiple times per day will limit how much data may be lost in the event of an infection.
Correct User Permissions
Similar to protecting your e-mail environment, it is critical to limit file access for users that do not require rights to certain file locations. Correct permissions and proper design of file structures will protect sensitive information and limit any potential infection or breach that may occur.
What used to be the #1 preventer of infections is now the last line of defense as cyberattacks today are more likely to succeed by exploiting people rather than technology infrastructure. In light of this shift in cyberattack methodology, AV solutions that analyze end user behavior instead of code are recommended.
To learn more about this topic, MMAC members are invited to attend the “Cyber Security & Disaster Recovery” seminar presented by Technology Resource Advisors, Inc. on Thursday, September 14 at the Harley Davidson Museum. The featured presenter will be Byron Franz, Special Agent of the FBI. To reserve your space, send an email to firstname.lastname@example.org.