Ransomware is a type of malware that attempts to deny access to a user's data, usually by encrypting the data with a key known only to the hacker who deployed the malware, until a ransom is paid.
What can you do?
- Create, maintain, and exercise a basic cyber incident response plan
- Create and maintain and communications plan that includes response and notification procedures for a ransomware incident
- Conduct regular vulnerability scanning
- Regularly patch and update software
- Ensure devices are properly configured and security features enabled
- Maintain best practices for remote desktop services
- Consider using an intrusion detection system
- Have a cyber security awareness plan to keep employees up to date on phishing, malware and other common ransomware avenues
- Utilize multi-factor authorization
- Apply principle of least privilege to all systems and services
- Keep network logs and analyze activity