How to Prevent Ransomware: 7 Tips to Protect Your Business

Ransomware Attacks with Remote Access Tools

You may have seen in the press that there are continuing Ransomware attacks and there is a recurring theme and want to know how to prevent ransomware attacks. In particular with Remote Access and Ransomware. Used to be that attackers encrypted your information, relying on the fact that either the backup schedules you had in place weren’t up to scratch or your disaster recovery / business continuity processes took too long to invoke. Either way they wanted the money and you hoped that if you paid, you got the key.

These days it’s about extracting the data before they encrypt it, they hold a copy of that data and they threaten its release, where that would not only be damage to your business reputation, but could cause some issues for customers if that type of data is released or sold on the Dark Web.

Businesses have had their data stolen before encryption, and they ended up paying the fee in the agreement that the hacker will not release the data. Here you rely on the word of a criminal and hope they don’t come back to you asking for more money.

Entry points for these types of Remote Access and Ransomware attacks, apart from email, can be through insecure Remote Desktop Protocol (RDP). It’s a great tool for your users, but if the right security measures aren’t in place, unfortunately it’s only a matter of time before exploit and it puts your business at risk.

Computer backing up to the cloud

Tips on How to Prevent Ransomware and help Protect Your Business

If you are a business that relies on RDP or remote access tools, we have a few hints to help keep your business as secure as it can be.

  1. Backup your data. Ensure its tested and working and look at the time you need for your business to recover. Can your business work with the recovery time you have?
  2. Use a multi-factor authentication. Tools such as Microsoft Authenticator or Cisco Duo to secure your RDP connections. Where it supports it, you should use Multi Factor Authentication to secure your data.
  3. Apply a Firewall that will limit the access to RDP to specific IP addresses where you can. This will limit the attack surface for hackers.
  4. Block IP addresses that fail multiple log-in attempts. We see some RDP servers having in excess of 30,000 authentication requests per hour.
  5. Keep yourself and your workers updated and educated about the latest threats and information.
  6. Invest in an effective Anti-Malware solution. One that has the ability to look at behaviour of applications and the ability to roll back an infection to a known good state.
  7. Monitor the darker sides of the Internet for chatter about your business, its domains or IP addresses. This may pre warn of you of an impending attack.

Past Blogs

Cyber Criminals

Microsoft Alert: Hackers Can Access Your Account—Even Without Your Password

Just when you think your business has cybersecurity under control, along comes a new threat that changes the game. Microsoft has recently issued a warning about a...

Free Online Tools Could Be a Hidden Threat to Your Business

Have you ever needed to quickly turn a Word document into a PDF? Maybe you searched online, found a free tool, clicked a button, and – voilà – it was done. Easy, right?...

This Small Change to Teams Will Make Your Meetings Run Smoother

If you’ve ever been in a Teams meeting where you’ve had to say, “next slide, please,” more times than you’d like, you’re not alone. For businesses that rely on online...
Cyber Essentials vs ISO27001

Cyber Essentials vs. ISO 27001: What’s the Difference and Which Is Right for You?

Cybersecurity certifications come in many shapes and sizes, but when it comes to choosing the right framework for your business, the decision often boils down to Cyber...
Overconfident employees: Your hidden cyber security threat?

Overconfident employees: Your hidden cyber security threat?

Your team are smart, right? They’d never fall for a scam email or click a suspicious link. At least, that’s what they think. Here’s why overconfidence could spell...

DMARC & DMARCBIS

What They Are, Why They Matter, and What Business Owners Need to Know If you’re a business owner, chances are you rely on email every day—whether it’s communicating...
Could automation save you from spreadsheet headaches?

Could automation save you from spreadsheet headaches?

Spreadsheets slow us down and are too easy to mess up. So, what if I told you there’s a better way to handle data in your business?

Did you notice Incognito mode’s improved privacy?

Did you notice Incognito mode’s improved privacy?

If your team use Google Chrome’s Incognito mode, you probably assume your browsing is private. But until Microsoft spotted this big flaw, your info could be shared...
Copilot could soon auto-open in Microsoft Edge

Copilot could soon auto-open in Microsoft Edge

Is Edge your business’s browser of choice? Microsoft’s thinking of automatically opening Copilot when you use it. It could boost productivity, but there are privacy...
How concerned should you be about cyber attacks?

How concerned should you be about cyber attacks?

You’ve probably heard a lot of talk about cyber attacks but how worried should you really be? Well, very, because cyber criminals are getting smarter. We have good news...