How to Prevent Ransomware: 7 Tips to Protect Your Business

Ransomware Attacks with Remote Access Tools

You may have seen in the press that there are continuing Ransomware attacks and there is a recurring theme and want to know how to prevent ransomware attacks. In particular with Remote Access and Ransomware. Used to be that attackers encrypted your information, relying on the fact that either the backup schedules you had in place weren’t up to scratch or your disaster recovery / business continuity processes took too long to invoke. Either way they wanted the money and you hoped that if you paid, you got the key.

These days it’s about extracting the data before they encrypt it, they hold a copy of that data and they threaten its release, where that would not only be damage to your business reputation, but could cause some issues for customers if that type of data is released or sold on the Dark Web.

Businesses have had their data stolen before encryption, and they ended up paying the fee in the agreement that the hacker will not release the data. Here you rely on the word of a criminal and hope they don’t come back to you asking for more money.

Entry points for these types of Remote Access and Ransomware attacks, apart from email, can be through insecure Remote Desktop Protocol (RDP). It’s a great tool for your users, but if the right security measures aren’t in place, unfortunately it’s only a matter of time before exploit and it puts your business at risk.

Computer backing up to the cloud

Tips on How to Prevent Ransomware and help Protect Your Business

If you are a business that relies on RDP or remote access tools, we have a few hints to help keep your business as secure as it can be.

  1. Backup your data. Ensure its tested and working and look at the time you need for your business to recover. Can your business work with the recovery time you have?
  2. Use a multi-factor authentication. Tools such as Microsoft Authenticator or Cisco Duo to secure your RDP connections. Where it supports it, you should use Multi Factor Authentication to secure your data.
  3. Apply a Firewall that will limit the access to RDP to specific IP addresses where you can. This will limit the attack surface for hackers.
  4. Block IP addresses that fail multiple log-in attempts. We see some RDP servers having in excess of 30,000 authentication requests per hour.
  5. Keep yourself and your workers updated and educated about the latest threats and information.
  6. Invest in an effective Anti-Malware solution. One that has the ability to look at behaviour of applications and the ability to roll back an infection to a known good state.
  7. Monitor the darker sides of the Internet for chatter about your business, its domains or IP addresses. This may pre warn of you of an impending attack.

Past Blogs

Outlook flags your important email

Outlook will flag your most important emails

How much time do you and your team waste sorting through emails each day, trying to figure out what really matters? If you are like most business owners, the answer is...
Can your staff access too much?

Half of staff have too much access to data

Here is a question worth asking yourself. Do you know exactly who in your business can access your critical data right now? And just as importantly, do they actually...
Windows 10 hit ends of life in just over 2 weeks

Free Support for Windows 10 Ends in Just Two Weeks – Here’s What Your Business Needs to Know

Free Support for Windows 10 Ends in Just Two Weeks – Here’s What Your Business Needs to Know What would it take to bring your business to a halt?It’s not always a major...
Better passkey integration in windows

Passkeys will be better integrated in Windows

When was the last time you thought about how you log in to your business accounts? Or how secure those logins really are? For years, passwords have been the standard....
New hire? New security risk

New member of staff… new cyber security risk?

   When you bring someone new into the business, your first thought is usually about getting them set up to succeed. A laptop, email account, access to the right...
Microsoft to Introduce a Unified Naming System for Hackers

Microsoft to Introduce a Unified Naming System for Hackers

Have you ever tried to follow a crime documentary where the main suspect keeps changing names? It’s confusing—and that’s exactly what’s been happening in the world of...
Is your antivirus genuine?

Warning: That Antivirus Website Might Be a Scam

Warning: That Antivirus Website Might Be a Scam When you’re doing your best to protect your business, downloading antivirus software seems like the sensible thing to...
Notepad's Quiet

New Formatting Tools Coming to Notepad: What It Means for Your Business

New Formatting Tools Coming to Notepad: What It Means for Your Business When was the last time you wished Notepad could do a bit more—like make text bold or add a...
Still using Windows 10 ?

Still using Windows 10? Here’s why you need to act now

Imagine if one of your essential business tools suddenly became unsafe overnight. That’s exactly the risk many businesses are facing with Windows 10. Time is running...
Strengthen Your Password

Your Business is Only as Secure as Your Weakest Password

Let’s be honest—do you know for a fact that none of your team members are still using passwords like “12345” or “password123”? If you’re not 100% sure, you’re not...