Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

Actions for Prevention of Ransomware Attack

June 9, 2021

Ransomware attacks are growing by leaps and bounds. You can’t go a single week without hearing about another victim of a ransomware attack. What’s a user to do? eWeek has a post with five recommendations for actions to help limit the success of a ransomware attack. The recommendations are the compilation of suggestions by CIOs for dealing with ransomware.

  1. Better Management
  2. Cybersecurity Maturity
  3. Know Your Data
  4. Data Backups
  5. Involve Your Employees.

These are good suggestions. Too often, users believe that they will not be the target of a ransomware attack. We all need to up our security game and do a better job of protecting our systems. Backups are absolutely critical, but make sure they are offline and not accessible to the attacker. One of the tactics is to search out backups for the firm and encrypt or destroy them.

I would also add another item to the list. Implement an EDR (Endpoint Detection and Response) application. EDR is different than traditional anti-virus security suites. EDR products are much more sophisticated utilizing AI, machine learning, heuristics, etc. to monitor and control suspicious activity. Some even have the ability to roll back to a prior known good state (pre-infection) and work with a SOC (Security Operations Center) to analyze detrimental activities.

Email:  Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com