Page 24 - Cyber Warnings
That’s why it’s imperative that you keep your backups separate from your local systems, either
on the cloud or on an isolated, offline device. It’s no good having backups if you get locked out
of them at the same time as your other systems, after all.
Authenticate All Incoming Email
It should come as no great surprise to you that email is one of the chief delivery vehicles for
malware. All it takes is one employee foolishly downloading an attachment they shouldn’t, and
bam - your network’s infected, and you’re desperately running damage control. To guard
against such a mode of attack, you need to protect your email servers.
There are a few steps in doing this, according to Information Week:
1. Make use of technologies like Sender Policy Framework (SPF), Domain-based Message
Authentication, Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM).
This will allow you to mitigate attempts to spoof domain names or IP addresses, and make it
harder for attackers to pose as legitimate senders.
2. Scan all stored, incoming, and outgoing mail with a trusted security suite or antivirus
program. Attackers can use legitimate servers to launch an attack just as easily as
spoofed servers, after all.
3. Train your employees to recognize the common elements of a phishing scam, and
devise a response plan that you can put in motion in the event of an infection.
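To illustrate step 1, the following added example (not from the original article or from Information Week) shows how a mail filter can act on the SPF, DKIM and DMARC results that the receiving server records in the Authentication-Results header. The authserv-id mx.example.com, the deliver/quarantine/review policy and the sample messages are assumptions constructed for the example.

```python
import email
import re
from email import policy

TRUSTED_AUTHSERV = "mx.example.com"  # assumed authserv-id of our own border MTA
RESULT_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.IGNORECASE)

# Constructed sample messages, not real mail.
SAMPLES = {
    "aligned": (
        "Authentication-Results: mx.example.com;\n"
        " spf=pass smtp.mailfrom=example.org;\n"
        " dkim=pass header.d=example.org;\n"
        " dmarc=pass header.from=example.org\n"
        "From: Billing <invoices@example.org>\n\nInvoice attached.\n"
    ),
    "spoofed": (
        "Authentication-Results: mx.example.com;\n"
        " spf=softfail smtp.mailfrom=mailer.example.net;\n"
        " dkim=none; dmarc=fail header.from=example.org\n"
        "From: Billing <invoices@example.org>\n\nInvoice attached.\n"
    ),
    # Header written by some other host: it proves nothing and is ignored.
    "foreign_header": (
        "Authentication-Results: mx.other.test; spf=pass; dkim=pass; dmarc=pass\n"
        "From: Billing <invoices@example.org>\n\nInvoice attached.\n"
    ),
}

def auth_verdict(raw):
    """Return (results, action) from Authentication-Results our own MTA added."""
    msg = email.message_from_string(raw, policy=policy.default)
    results = {"spf": "none", "dkim": "none", "dmarc": "none"}
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, rest = str(header).partition(";")
        tokens = authserv.split()
        # Assumes the border MTA strips inbound headers that claim its own id.
        if not tokens or tokens[0].lower() != TRUSTED_AUTHSERV:
            continue
        for method, result in RESULT_RE.findall(rest):
            if results[method.lower()] != "pass":  # any passing DKIM signature counts
                results[method.lower()] = result.lower()
    # Hypothetical local policy: DMARC decides; anything unverified goes to review.
    action = {"pass": "deliver", "fail": "quarantine"}.get(results["dmarc"], "review")
    return results, action

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, *auth_verdict(raw))
```

The third sample matters most in practice: results stamped by a server you do not control say nothing about the message and must not influence the decision.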
Monitor Everything
Beyond monitoring your email account, keep a close watch on all file activity that takes place on
your servers. If you notice anything suspicious - rapid changes to your files, unusual sharing
activity, or bizarre network traffic - you can lock things down. This will allow you to mitigate the
damage the ransomware might cause; instead of allowing it to infect your entire network, you
can isolate the infection to a system or two.
Ad Blockers Are Your Friend
Like it or not, advertisements are right up there with email as one of the most common delivery
mechanisms for malware. And as demonstrated by the recent controversy with Forbes’ ad-light
experience, publishers cannot be trusted to effectively police their advertising networks. By
installing ad blockers on all of your systems (and advising your users to do the same with any
personal devices), you’ll put a lid on one more potential attack vector.
Tweak Your Settings
Last but certainly not least, there are a few settings you can tweak and modify to effectively
neuter most of the leading ransomware tools.
24 Cyber Warnings E-Magazine – August 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide