Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

Combat Ransomware with Essential Technology

September 30, 2021

There is a lot of talk (podcasts, articles, seminars, etc.) about the significant rise in ransomware attacks, and rightfully so. Some reports indicate a ten-fold increase in ransomware attacks over the past year. The move to more remote work isn’t helping the situation. We’ve said it many times before – the work‑from‑home (WFH) environment is fertile ground for attacks because employees are using insecure and vulnerable home networks built on consumer-grade technology. The security practices for WFH are also far below where they need to be. A CSO article said it well: “Enterprises went from 20,000 employees working in five offices to 20,000 employees working in 20,000 offices almost overnight.” The article also mentions three essential technologies to combat ransomware.

Transition VPNs to ZTNA. Using a VPN is better than not using one, but you need to begin transitioning to zero trust architecture (ZTA). Don’t know what ZTA is? We wrote an article in April 2021 that may help. Basically, zero trust means trust nothing and authenticate everything and everybody. Traditional perimeter defenses are not very effective when a large portion of the workforce is remote and more cloud services are being used.

Bring enterprise-grade security and networking to employees’ homes. If your remote employees use home machines, then make the home machines part of the firm’s network. Manage them just like you manage the devices on your internal network. It’s a good time to roll out next-generation routers and firewalls, Wi-Fi 6 and mesh networks.

Add endpoint detection and response. Not really sure what endpoint detection and response (EDR) is? I have an earlier blog post that compares some EDR tools. EDR uses AI and machine learning to help combat ransomware attacks and even recover by rolling back to a known good state. With all the talk around ransomware, I am surprised how little you hear about EDR. I believe we are well past the time when everyone should be using some sort of EDR solution.

Finally, don’t forget about increasing the cybersecurity IQ of your employees. Training is essential, especially as the tactics and capabilities of cybercriminals are constantly changing. Prevention is one thing, but you need to be prepared to recover too. EDR will help there, but make sure you have properly engineered backups. My post on Eight Steps for Successful Ransomware Recovery may give you some good ideas too.

Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com