Connect with us

Tips

5 tips to prevent ransomware, phishing attacks

cybercrime threat has worsened over the past two months

Published

on

Sophos Evolve

A Joint Cybersecurity Advisory issued by the CISA, FBI and NHS, warned of an increased and imminent cybercrime threat to US hospitals and healthcare providers.

Unfortunately, that cybercrime threat has worsened over the past two months.  Since the start of November, there has been a further 45% increase in attacks targeting healthcare organizations globally. 

Ransomware attacks against hospitals and related organizations are particularly damaging, because any disruption to their systems could affect their ability to deliver care, and endanger life – all this aggravated with the pressures these systems are facing trying to cope with the global increase in COVID-19 cases.

Among other things, here are tips to prevent ransomware and phishing attacks:

1. Look for trojan infections:

Ransomware attacks do not start with ransomware. Ryuk and other types of ransomware exploits usually start with an initial infection with a trojan.  Often this trojan infection occurs days or weeks before the ransomware attack starts, so security professionals should look out for Trickbot, Emotet, Dridex and Cobalt Strike infections within their networks and remove them using threat hunting solutions – as these can all open the door for Ryuk.

2. Raise your guard towards the weekend and holidays: 

Most ransomware attacks over the past year have taken place over the weekends and during holidays when IT and security staff are less likely to be working.

3. Use anti-ransomware solutions:

Although ransomware attacks are sophisticated, Anti-Ransomware solutions with a remediation feature are effective tools which enable organizations to revert back to normal operations in just a few minutes if an infection takes place.

ALSO READ  ESET: Millions of undergraduates, lecturers benefit from free IT Security subscription

4. Educate employees about malicious emails:

Training users on how to identify and avoid potential ransomware attacks is crucial. As many of the current cyber-attacks start with a targeted phishing email that does not even contain malware, just a socially-engineered message that encourages the user to click on a malicious link, or to supply specific details. 

User education to help identify these types of malicious emails is often considered one of the most important defenses an organization can deploy. 

5. Virtual Patching:

The Federal recommendation is to patch old versions of software or systems, which could be impossible for hospitals as in many cases, systems cannot be patched.

Therefore, we recommend using an Intrusion Prevention System (IPS) with virtual patching capability to prevent attempts to exploit weaknesses in vulnerable systems or applications.

An updated IPS helps your organization stay protected.

A Joint Cybersecurity Advisory issued by the CISA, FBI and NHS, warned of an increased and imminent cybercrime threat to US hospitals and healthcare providers.

Unfortunately, that cybercrime threat has worsened over the past two months.  Since the start of November, there has been a further 45% increase in attacks targeting healthcare organizations globally. 

Ransomware attacks against hospitals and related organizations are particularly damaging, because any disruption to their systems could affect their ability to deliver care, and endanger life – all this aggravated with the pressures these systems are facing trying to cope with the global increase in COVID-19 cases.

Among other things, here are tips to prevent ransomware and phishing attacks:

1. Look for trojan infections:

Ransomware attacks do not start with ransomware. Ryuk and other types of ransomware exploits usually start with an initial infection with a trojan.  Often this trojan infection occurs days or weeks before the ransomware attack starts, so security professionals should look out for Trickbot, Emotet, Dridex and Cobalt Strike infections within their networks and remove them using threat hunting solutions – as these can all open the door for Ryuk.

ALSO READ  Criminals take advantage of COVID-19 for Scamming

2. Raise your guard towards the weekend and holidays: 

Most ransomware attacks over the past year have taken place over the weekends and during holidays when IT and security staff are less likely to be working.

3. Use anti-ransomware solutions:

Although ransomware attacks are sophisticated, Anti-Ransomware solutions with a remediation feature are effective tools which enable organizations to revert back to normal operations in just a few minutes if an infection takes place.

4. Educate employees about malicious emails:

Training users on how to identify and avoid potential ransomware attacks is crucial. As many of the current cyber-attacks start with a targeted phishing email that does not even contain malware, just a socially-engineered message that encourages the user to click on a malicious link, or to supply specific details. 

User education to help identify these types of malicious emails is often considered one of the most important defenses an organization can deploy. 

5. Virtual Patching:

The Federal recommendation is to patch old versions of software or systems, which could be impossible for hospitals as in many cases, systems cannot be patched.

Therefore, we recommend using an Intrusion Prevention System (IPS) with virtual patching capability to prevent attempts to exploit weaknesses in vulnerable systems or applications.

An updated IPS helps your organization stay protected.

@TechEconomyNG connects past-present-emerging technological impacts on Businesses, People and Cities. All Correspondence to: [email protected]

Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

Facebook