Preventing ransomware

Contents

Preventing ransomware#

Problem#

The chance that your organization will be hit by ransomware is 100%. Despites all security measures to prevent a ransomware disaster, the truth is that sooner or later you will face the problem of dealing with ransomware and getting your data back.

Solution#

Ransomware is malware that prevents you from accessing your information. The computer itself may become locked, or data might be stolen, deleted or encrypted.

E.g. during the 2017 WannaCry ransomware attack many large organizations worldwide simply stopped working.

We depend on technology with advanced software. No company can do business without working information systems.

Note

Paying money to attackers to get back in business is a bad idea and the worst possible solution. Do you really trust the criminals that did this to your company?

Solutions for ransomware can become very expensive. Especially if you have no good prevention measurements taken.

To be clear: Every claim for a general software solution that states it can prevent ransomware disasters is a lie. There is always a risk and ransomware is almost a disaster that is inevitable. There is no simple technical solution for this complex problem. Ransomware software is a very advanced software created by very smart criminals.

The only simple solution against ransomware is:

  • You need to train your recovery procedures. The key to be resilient for ransomware is to create backups and to train your disaster recovery procedures.

  • You should train frequently, so frequently that everyone gets bored. And continue training till it really is boring shit work for all stakeholders involved. But it must be done.

Training recovery procedures and testing offline backups is a must. This is the cheapest and simplest way to be more resilient when a ransomware disaster hits you.

Creating a solid backup strategy is no rocket science. It is simple boring work that just must be done.

And remember: Besides online backups also ensure that working backups are available offline, so backups separated physically from your network. And never ever fully trust a cloud backup solution as a key component within your backup strategy. You will not be the first who will find that every backup that is connected to a network is encrypted by ransomware too.

More info see: https://nocomplexity.com/documents/securityarchitecture/prevention/ransomware.html
And: https://www.cisa.gov/stopransomware

Contents