More than 4,000 ransomware attacks have occurred daily since Jan. 1, 2016, according to the U.S Small Business Administration. The rapidly growing malware threats infect and restrict access to a computer until a ransom is paid. The malicious software affects businesses of all sizes.
In an article published by the U.S Small Business Administration, Natale Goriel suggests tips to help defend businesses from ransomware attacks.
- Awareness and training programs
Requiring employees to participate in awareness and training programs is important because they are targets - Spam filters
Implement tough spam filters to protect computers and employees from receiving phishing emails. Technologies to prevent email spoofing include Sender Policy Framework, Domain Message Authentication Reporting and Conformance, and DomainKeys Identified Mail. - Disable macro scripts
The tool bar buttons and keyboard shortcuts are the macro scripts that allow office files to be transferred through email. Instead of full office suite applications, try Office Viewer software when opening Microsoft Office files. - Software Restriction Policies
Use Software Restriction Policies to prevent programs from executing from common ransomware locations. These locations could be a temporary folder or compression/decompression programs. - Manage administrative access
No employee should be assigned administrative access unless mandatory. Those with access should only use it when necessary. It is also smart to organize access controls, such as file, directory and network share permissions. If an employee needs access to a specific file, that should be the only thing they access.
Other tips include disabling Remote Desktop Protocol; setting up firewalls; patching operating systems, software and firmware on devices; andsetting anti-virus and anti-malware programs to perform regular scans automatically.
