Imagine this: You’ve worked tirelessly over the past month to create a video tribute for your best friend’s wedding reception. You’ve added the right pictures, overlaid it with music to create nostalgic memories of your friendship, and edited it to perfection. The couple has ensured they have every detail taken care of, from selecting the perfect venue to choosing an outstanding menu. Your video tribute will be the “icing on the cake” and the last touch to finalize their perfect day.

Just when you are about to kick your feet up and toast the completion of the video, you save the video file and an odd message pops up: “The files on this laptop have been encrypted. Submit payment within 48 hours or your files will be destroyed!” That perfect day just took a downturn because you’ve been hit with ransomware.

Now imagine how easy it could have been to get infected with the same malware at work. Businesses can encounter similar scenarios — but they have way more at stake. Ransomware attacks can disrupt business operations, causing companies to experience hours or even days of downtime, and possibly cause the business to completely shut down.

So how can you help prevent a ransomware attack? Prevention is no easy feat, but some steps can be taken to reduce the risk of opportunistic attacks. In a recent Enterprise Strategy Group (ESG) study, “Incident Readiness Trends: Do Confidence Levels Match Preparation Efforts?,” 80 percent of cybersecurity decision-makers report that their organization has already engaged in ransomware incident readiness activities, making sure they have a plan in place in case an attack does occur.


However, if ransomware is already in your environment, there are a few remedies available. An attack of this sort on company networks can affect thousands of devices, be costly and certainly disrupt business. Review these recommendations to learn about steps your team can take to mitigate the risk of an attack. If you can implement these tips, you should have a better chance of shifting from detection of ransomware to readiness and response.

Build a Security-Aware Culture

Ransomware is one type of malware among many, and it can spread widely starting from a single human error, such as an employee falling prey to social engineering techniques that encourage them to open a malicious email. By training employees or users to identify suspicious emails, enterprises can significantly reduce the probability of ransomware infections.

Ensure You Have Backups

A consistent defense against ransomware includes having backups, and more than just one. Keeping redundant backups, both offline and in the cloud, and testing them periodically can help with recovery plans if an attack ever affects the business.

Backup runs should occur frequently and have a tested restore process. Companies that back up their data can minimize the impact of ransomware attacks since only hours of data are lost instead of months or years. The backup should also be tested on a periodic basis to ensure it can restore all files and asset configurations in their uninfected state.

Embed Threat Intelligence

Monitoring your network can provide you with a second set of eyes within your security environment. However, monitoring technology and tools are only as good as the information feeding into them. Having the latest threat intelligence is vital if you want to get better at spotting a looming ransomware attack, stay up to date as ransomware evolves, and learn current tactics you can use to prevent this sort of infection from spreading.

There is no “magic strategy” or one-time solution to stop today’s threats. Although you might take every possible precaution to prevent ransomware from accessing your network, your defensive strategy may not be completely threat-proof. This is why it is vital for organizations and their security teams to be proactive and take steps to detect ransomware in time, contain it, manage the response and have a recovery plan in place. This overall strategy can help significantly reduce the potential impact of such attacks on your business.
