Ransomware Protection

Posted by BAS - 01 November, 2018

header-picture

The U.S. Department of Justice has issued technical guidance on protecting networks from ransomware. A copy of the guidance may be accessed by clicking here.

According to DOJ guidance, ransomware is malware delivered through phishing emails that attacks critical data and systems for the purpose of extortion. When the owner is locked out of the system, the cyber criminal demands payment for returning access.

Prevention is the best defense against ransomware. The following are suggested prevention measures:

  • Implement an awareness and training program
  • Enable strong spam filters
  • Authenticate inbound emails to prevent email spoofing
  • Scan incoming and outgoing emails to detect threats
  • Configure firewalls to block access to known malicious IP addresses
  • Patch operating system, software and firmware on devices
  • Set anti-virus and anti-malware programs to automatically scan
  • Manage the use of privileged accounts
  • Configure access controls with least privilege in mind (only give the permissions necessary)
  • Disable macro scripts from office files sent by email
  • Implement software restriction policies
  • Disable remote desktop protocol if it is not being used
  • Use application whitelisting
  • Execute operating system environments of programs in a virtualized environment
  • Categorize data based on organizational value and implement physical and logical separation of networks and data for different organizational units.

The DOJ guidance has many other helpful suggestions for managing online security.

Topics: MyEnroll360 Security


Recent Posts

Question of the Week - Mid-Year Enrollment for Health Coverage

read more

OCR Reports to Congress on HIPAA Compliance and Breaches of Unsecured Protected Health Information

read more

Find your QELs in MyEnroll360

read more