Contact Us

Ransomware
protection:
How to avoid
ransomware

Author: Nick Reese

The need for ransomware protection has increased as hackers have discovered that it can be an easy way to make a lot of money very quickly. Take a look at two recent high-profile events: Colonial Pipeline paid roughly $5 million to regain access to its business networks in order to start selling gas again, while meat supplier JBS paid about $11 million to bring its meat plants back online after a ransomware attack.

As these payments embolden other hackers, your organization may face even more attacks in the months and years ahead. That makes improving your ransomware resilience not only a critical IT initiative but also a critical business objective as you seek to protect yourself from operational shutdowns and damage to your brand reputation.

Understanding ransomware protection

Ransomware protection describes the people, processes and technologies you put in place to improve your ransomware resilience.

This can include using automated tools such as anomaly detection, creating immutable backups to speed your recovery and training staff to avoid clicking on suspicious links. It can also include building out your cyber security framework for detecting, responding and remediating an attack so everyone knows what to do when the time comes.

Depending on the size of your organization and the structure of your attack surface, establishing ransomware protection can be a time-consuming, complex task. For example, you may not have complete visibility into how secure all your endpoints on the network truly are, especially with the rise of Internet of Things devices that weren't expressly built with security in mind.

In addition, remote employees may lack the protection of your corporate network, leaving them at a higher risk of downloading ransomware that could eventually make it back onto your servers. Don't forget that employees working remotely may also be distracted, which could lead them to let down their guard when getting a suspicious email. That’s an open door to ransomware.

Ransomware projection: How to avoid ransomware

When exploring how to avoid ransomware, you have to know where to start. For some organizations, the weakness might lie in an unpatched endpoint, while for others it may involve untrained employees.

A security review is crucial to assessing your current level of incident preparedness so you can create a baseline to work from. This review will test your business to indicate your risk for ransomware, and it will provide industry benchmarks you can use to understand how, where and why you should direct your security investments.

Other tests can also help you understand where your technology, training or processes might be lacking. For example, during a Ransomware Attack Simulation activity, multiple ransomware behaviors are executed during a single session with the organization's blue team members. This simulation provides insight into the detection and prevention capabilities of the countermeasures that are already implemented. You can collect information related to the number of employees that execute the ransomware, visit the malicious payment portal and even attempt to pay the ransom.

When conducted by a third-party expert, you can better understand your security posture while gaining actionable recommendations for how to drive the most improvement based on your specific organization. In addition, an outside partner can help you conduct security review assessments on a regular basis to ensure that the changes you're making to your cyber security controls and practices have a real-world impact on your ransomware protection.

Is it possible to conduct a security review on your own? Yes, but keep in mind that your staff might not have the cyber security insight or industry best practices experience to uncover every issue. An outside partner not only brings its ransomware protection experience, but it can also help you contextualize threats so you know what to focus on first. A partner can also provide the technology, services, intelligence, analytics and scale you need to quickly respond to ransomware threats, especially if you have a relatively small IT team or lack in-house ransomware experts.

Learn more about governance, risk and compliance services from Verizon. Our experts can help you discover your current ransomware risk posture so you can identify weak spots, strengthen your ransomware protection and help secure your business before you risk becoming the next victim.