HOME
NEWS

Network Security Best Practices to Block Ransomware


By VARINDIA - 2021-03-12
Network Security Best Practices to Block Ransomware

Back in December 1989, Eddy Willems, an employee at a Belgium based medical insurance company received a floppy disk that forever changed the cybersecurity world as it was known back then. The said disk contained malware that launched the first ever ransomware attack. Since then, ransomware as a threat has come a long way, and continues to plague organisations across the world. As one of the most devastating attacks deployed by cybercriminals, it’s no surprise then, that when Sophos researched the impact, it found that more than one-half of organizations surveyed across 26 countries were hit by ransomware in 2019.

 

In the Indian scheme of things, 82 per cent of these organisations surveyed admitted to being hit by ransomware, reiterating the heightened need for increased network security to help block the attack.

 

Below is an overview of what organizations need to know, including understanding how ransomware attacks work and guidelines for configuring firewalls and the network for the best protection possible.

 

How a ransomware attack works

A typical targeted ransomware attack looks like this:

 

Best practices for firewall and network configuration to defend against ransomware

Ensure the best protection: As a part of this, an organisation’s security solutions must include a modern high-performance, next-gen firewall with IPS, TLS Inspection, zero-day sandboxing, and machine learning ransomware protection.

 

Lockdown RDP and other services using firewall: A good practice to prevent attackers from entering a network is to ensure remote access to servers and systems is only possible via VPN and ideally using multi-factor authentication or a whitelist of sanctioned IP addresses.

 

Reduce the surface area of attacks: Thorough and periodic reviews of all port-forwarding rules help to eliminate any non-essential open ports. Each of these open ports represents a potential opening in networks. Where possible, VPN should be used to access resources on the internal network from outside rather than port-forwarding. It is also advisable to secure any open ports by applying suitable IPS protection to the rules governing that traffic.

 

Enable TLS Inspections: TSL inspection, with support for the latest TLS 1.3 standards on web traffic, ensures threats are not entering a network through encrypted traffic flows.

 

Minimize the risk of lateral movement within the network: A good way to do this, is to segment LANS into smaller, isolated zones or VLANs that are secured and connected by the firewall. When doing so, be sure to apply the recommended IPS policies to rules governing the traffic traversing these LAN segments to prevent exploits, worms, and bots from spreading between LAN segments.

 

Automatically isolate infected systems: When a ransomware or other attack strikes, it’s important that IT security solutions are able to quickly identify compromised systems and automatically isolate them until they can be cleaned up, to prevent spread to other systems on the network.

 

Use strong passwords: Last, but not least, strong passwords are critical. Attackers today deploy brute-force hacking tools to enter systems, and hence passwords must be strong enough to withstand their impact. Sophos also recommend setting multi-factor authentication for VPN access, email, and other accounts that contain sensitive information.

 

Based on research from Sophos’ 2021 Threat Report, attackers are going to continue developing and using ransomware against organizations. The report predicts the gap between ransomware operators at different ends of the skills and resource spectrum will increase. At the high end, the big-game hunting ransomware families will continue to refine and change their tactics, techniques and procedures (TTPs) to become more evasive and nation-state-like in sophistication, targeting larger organizations with multimillion-dollar ransom demands. At the other end of the spectrum, Sophos anticipates an increase in the number of entry level, apprentice-type attackers looking for menu-driven, ransomware-for-rent, such as Dharma, that allows them to target high volumes of smaller prey.

 

Sunil Sharma
MD – Sales, Sophos India & SAARC

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Zscaler announces AI innovations to its Data Protection Platform
Technology

Zscaler announces AI innovations to its Data Protection Platform

by VARINDIA 2024-05-20
SHIELD to enhance Swiggy’s fraud prevention and detection capabilities
Technology

SHIELD to enhance Swiggy’s fraud prevention and detection capabilities

by VARINDIA 2024-05-20
Axis Communications announces its first thermometric camera designed for Zone/Division 2
Technology

Axis Communications announces its first thermometric camera designed for Zone/Division 2

by VARINDIA 2024-05-20
SOFTWARE
View All
Hitachi Vantara and Veeam announce Global Strategic Alliance
Technology

Hitachi Vantara and Veeam announce Global Strategic Alliance

by VARINDIA 2024-05-16
Adobe launches Acrobat AI Assistant for the Enterprise
Technology

Adobe launches Acrobat AI Assistant for the Enterprise

by VARINDIA 2024-05-11
Oracle Database 23ai offers the power of AI to Enterprise Data and Applications
Technology

Oracle Database 23ai offers the power of AI to Enterprise Data and Applications

by VARINDIA 2024-05-10
START - UP
View All
Data Subject Access Request is an integrated module within ID-REDACT®
Technology

Data Subject Access Request is an integrated module within ID-REDACT®

by VARINDIA 2024-04-30
SiMa.ai Secures $70M Funds from Maverick Capital
Technology

SiMa.ai Secures $70M Funds from Maverick Capital

by VARINDIA 2024-04-05
Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure
Technology

Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure

by VARINDIA 2024-02-08

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
GoDaddy harnesses AI power for new domain name recommendations

GoDaddy harnesses AI power for new domain name recommendations

by VARINDIA
UAE’s du Telecom selects STL as a strategic fibre partner

UAE’s du Telecom selects STL as a strategic fibre partner

by VARINDIA
JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

by VARINDIA
Rapyder partners with AWS to accelerate Generative AI led innovation

Rapyder partners with AWS to accelerate Generative AI led innovation

by VARINDIA
ManageEngine integrates its SIEM solution with Constella Intelligence

ManageEngine integrates its SIEM solution with Constella Intelligence

by VARINDIA
Elastic replaces traditional SIEM game with AI-driven security analytics

Elastic replaces traditional SIEM game with AI-driven security analytics

by VARINDIA
Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

by VARINDIA
Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

by VARINDIA
Dassault Systèmes to accelerate EV charging infrastructure development in India

Dassault Systèmes to accelerate EV charging infrastructure development in India

by VARINDIA
Tech Mahindra and Atento to deliver GenAI powered business transformation services

Tech Mahindra and Atento to deliver GenAI powered business transformation services

by VARINDIA