Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated version of the joint #StopRansomware Guide. The update includes new prevention tips such as hardening SMB protocols, revised response steps, and added threat hunting insights.
Small Business Owners & Leaders can learn some great lessons from this guide on how to stop ransomware in its tracks. Keep reading to learn the top takeaways from the updated guide.
Preparing for Ransomware & Data Extortion Incidents
- Maintain offline, encrypted backups of encrypted data, along with regular testing of backups – this one is tough for small businesses, as offline backups are difficult to maintain. However, most cybercriminals hunt for and use credentials in a network that can be used to delete or encrypt data backups.
- Create, maintain, and exercise your Incident Response Plan (IRP). Good news is that if a small business has Cyber Insurance, they will have access to resources from their Cyber Insurance carrier that can help build out an IRP.
- Implement a Zero Trust Architecture to prevent unauthorized access to data and services. The days of a Perimeter firewall being the way to prevent access is no longer enough in today’s world of remote work with anywhere/anytime access to data. Zero Trust is still a relatively new concept, but as a small business leader you can begin to educate yourself.
To learn about Preventing and Mitigating Ransomware and Data Extortion Incidents and accessing the Ransomware & Data Extortion Checklist, read the updated Stop Ransomware guide. Feel free to share with your internal IT team or outsourced IT.