How to protect your company from ransomware


Targeted ransomware attacks or “Ransomware 2.0” are fast becoming a trend in the cybercriminal world. Malicious ransomware families are now conducting data exfiltration coupled with blackmailing. These cybercriminals threaten to publish the data they hold, further increasing the need for their high-profile victims to pay the ransom to protect their valued reputation.

With these recent cases, organizations and enterprises should see ransomware more than just a type of malware. In fact, oftentimes, ransomware is only the final stage of a network breach. By the time a ransomware is actually deployed, the attacker has already carried out a network reconnaissance, identified confidential data and exfiltrated it.

It’s important that organizations implement a whole range of cybersecurity best practices and tools to protect their systems holistically. Identifying the attack at an early stage can save valued data, reputation, and a lot of money.

To protect your company from ransomware, experts from Kaspersky recommend the following:

  • Prohibit unnecessary connections to remote desktop services (such as RDP) from public networks, and always use strong passwords for these services.
  • Install all available patches for VPN solutions that you use to connect remote workers to the corporate network.
  • Update software on all connected devices to prevent vulnerability exploitation.
  • Focus defense strategy on detecting lateral movement and data exfiltration, with special attention to all outbound traffic.
  • Backup data regularly and make sure that in case of emergency you have ready access to the backups.
  • Leverage threat intelligence data to stay up-to-date on attack tactics, techniques, and procedures.
  • Train employees to mind the security of the corporate environment.
  • Use a reliable solution for endpoint protection that counters exploits and detects anomalous behavior and can roll back malicious changes and restore the system. For that, you can use Kaspersky Endpoint Detection and Response and Kaspersky Managed Detection and Response.

Kaspersky Endpoint Security detects and blocks the Avaddon malware with Behavior Detection technology, as well as by scanning engine, cloud detection, detection of ransomware names, including (but not limited to):

  •  PDM:Trojan.Win32.Generic
  •  Trojan-Ransom.Win32.Avaddon
  •  HEUR:Trojan-Ransom.Win32.Generic

Read more: How to keep your financial data safe online


Please enter your comment!
Please enter your name here