Five Tips to Reduce Your Ransomware Attack Surface

When it comes to protecting ourselves against ransomware, there is no one magic thing that we can do to make us immune to attacks. Cybersecurity is about creating a layered defense and covering all bases. This takes time and resources but is crucial to the success of businesses of all sizes.

While some networks will require special deliberation, there are steps that all businesses can take to secure their business systems. Here are five tips to reduce your ransomware attack surface and build a strong defense against cyber threats:

1. Patch software

One of the most obvious things a company can do to secure its network is to patch its software. Leaving software unpatched is like inviting the hacker in through your front door and asking them to help themselves. By patching your system’s software, you are closing the door to attacks based on known vulnerabilities. The 2017 WannaCry ransomware attacks are an excellent example of this: Microsoft had patched and published the known vulnerability, but many people were not on top of updating their software. They were attacked in the months following and were forced to pay the ransom or lose their data.

Patching your software promptly forces hackers to look for more creative ways to get access to your sensitive data, like looking for undiscovered vulnerabilities, which can be much harder.

2. Least privilege policies

Least privilege means limiting access to data to those users who explicitly need it. This can mean assigning access to only certain parts of the network for some users. Because access is scoped this way, implementing least privilege policies in your IT environment allows for better visibility into data movement. By knowing who is allowed access to certain parts of the network, you can see who is accessing data and when, and more easily identify unauthorized access to sensitive data.
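As an added illustration (not part of the original article), the sketch below shows how an explicit access policy turns an access log into a list of unauthorized reads. The role names, share paths, users and log format are all assumptions made up for this example.

```python
# Hypothetical least-privilege policy: role -> shares that role may access.
POLICY = {
    "finance": {"/shares/finance"},
    "hr": {"/shares/hr"},
    "it-admin": {"/shares/finance", "/shares/hr", "/shares/backups"},
}
# Hypothetical user -> role assignments.
ROLES = {"alice": "finance", "bob": "hr", "carol": "it-admin"}

# Constructed access-log lines: timestamp, user, action, path.
SAMPLE_LOG = """\
2024-03-01T09:12:04Z alice READ /shares/finance/q1-forecast.xlsx
2024-03-01T09:15:40Z bob READ /shares/hr/reviews/2023.docx
2024-03-01T23:48:11Z bob READ /shares/finance/payroll.csv
2024-03-02T02:03:57Z mallory READ /shares/backups/db-full.bak
2024-03-02T08:30:00Z carol WRITE /shares/backups/db-full.bak
malformed line
"""

def allowed(user, path):
    """True only if the user's role explicitly covers the path."""
    role = ROLES.get(user)
    if role is None:
        return False  # unknown accounts get no access by default
    # Match on a directory boundary so /shares/hr does not cover /shares/hr-archive.
    return any(path == p or path.startswith(p + "/")
               for p in POLICY.get(role, ()))

def find_violations(log_text):
    """Return (timestamp, user, action, path) for every access outside policy."""
    violations = []
    for line in log_text.splitlines():
        parts = line.split(maxsplit=3)
        if len(parts) != 4:
            continue  # skip lines that do not parse
        ts, user, action, path = parts
        if not allowed(user, path):
            violations.append((ts, user, action, path))
    return violations

if __name__ == "__main__":
    for v in find_violations(SAMPLE_LOG):
        print("UNAUTHORIZED:", *v)
```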

3. Strong Password Policies

According to Google, compromised passwords are the number one reason that websites are hacked. A compromised password can be obtained by the hacker on the dark web, or through brute-force guessing techniques. An analysis by Skyhigh Networks found that the same 20 passwords made up 10.3% of 11 million stolen passwords for cloud services, or about 1.13 million passwords. These same passwords can be cracked in less than 1 second. All of these facts should convince you of the necessity of creating strong passwords. Besides using common, guessable passwords, don’t make these other common password mistakes:

  • Using the same 2 passwords. Did you know that over two-thirds of people only use 2 passwords? Using the same passwords for different accounts can lead to all your accounts being compromised when one is hacked.
  • Keeping your passwords in an unsecured place. Around 40% of organizations keep privileged passwords in a Word document or spreadsheet, one of the least secure places to keep privileged information. Instead, try using a password manager, or something similar that limits access to sensitive information.
  • Never changing passwords. Keeping the same password for your email account since your freshman year in college increases your chances of using a compromised password. Frequently updating passwords can cut off access for those who knew your password at one time.
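The mistakes listed above (common passwords, reuse across accounts, and passwords that are never changed) can be checked mechanically. The following is an added example, not from the original article; the vault entries, the short common-password list and the 365-day threshold are constructed assumptions.

```python
import hashlib
from collections import defaultdict
from datetime import date

# Constructed stand-in for a common-password list; a real audit would load a
# much larger one.
COMMON = {"123456", "password", "qwerty", "welcome"}
MAX_AGE_DAYS = 365  # assumed rotation threshold, set by your own policy

# Constructed vault export: (account, password, last_changed).
VAULT = [
    ("email", "Summer2015!", date(2015, 9, 1)),
    ("payroll", "Summer2015!", date(2023, 11, 20)),
    ("vpn", "password", date(2024, 1, 5)),
    ("crm", "t7#Lq9vw!Zr2", date(2024, 2, 10)),
]

def audit(vault, today):
    """Return {account: [findings]} for accounts with at least one finding."""
    findings = defaultdict(set)
    by_digest = defaultdict(list)
    for account, password, changed in vault:
        if password.lower() in COMMON:
            findings[account].add("common")
        if (today - changed).days > MAX_AGE_DAYS:
            findings[account].add("stale")
        # Digest is used only to group identical passwords in memory;
        # it is not a storage format.
        digest = hashlib.sha256(password.encode()).hexdigest()
        by_digest[digest].append(account)
    for accounts in by_digest.values():
        if len(accounts) > 1:  # same password on more than one account
            for account in accounts:
                findings[account].add("reused")
    return {a: sorted(f) for a, f in findings.items()}

if __name__ == "__main__":
    for account, issues in audit(VAULT, date(2024, 3, 1)).items():
        print(account, issues)
```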

4. Educate Organization Members

The members of your organization can be your weakest links if they are not trained appropriately to have good cyber hygiene, including how to identify phishing emails and other cyberthreats.

5. Secure remote access pathways

Be cautious of external vendors who have access to your network. Vendors may not have the same level of security protocols as your organization, and may not be as careful about keeping information secure. To compensate for their potential lack of security, limit access to resources in your network to a single access pathway, giving you more visibility into traffic going in and out. Here you can also implement granular, role-based access to prevent the over-exposure of sensitive information to unwanted users.

BONUS TIP: Keep your backups separate from your main network and off-prem

As your last line of defense, your backups should not be on the same network as the rest of your data. Keeping them there exposes your backups to the same threats as your active data, so when you need to restore from your backups, there is much less of a chance that they will be unaffected by the same ransomware that rendered your active data useless.

Keeping your backups on a different network and off-site puts a barrier of protection between the backups and the active data. For some backup solutions, this can mean a slower recovery, which can be detrimental to any organization. With Rubrik cloud data management, you can restore from your backups almost instantly from immutable backup stores, even when backups are stored off-site. Rubrik was built to be ransomware-proof and boasts features like data immutability and end-to-end encryption.