Although complete immunity against these attacks does not exist, it never hurts to repeat a series of notes, at least to ensure that we are not caught off guard again:
- Make periodic backups of your data, and regularly check that the backup copies restore correctly
- Keep the operating system up to date and create recovery points on your computers
- Use legal software and install patches and updates as they are released
- Acquire a reliable security solution
- Install an anti-ransomware tool that blocks the encryption process
- Keep the firewall correctly configured, to allow access only to the necessary websites, applications, and services
- Do not use accounts with administrator privileges for everyday tasks
- Use an antispam filter to prevent infection through mass email campaigns, and never open unknown attachments
- Show hidden file extensions, because in most cases the malware is hidden in an executable. Block files from running from the AppData and LocalAppData folders
- Disable RDP if you don’t use it
- Create access control lists to protect network mapped drives
- Block traffic to command-and-control domains and servers through an IDS/IPS, to prevent communication between the malware and the C2 server
- Use virtual machines to isolate the host system
- Establish DRP (Disaster Recovery Plan) protocols and infrastructure
- Take out specialized insurance to alleviate economic losses
- Train your employees in basic security notions, since they are often the weakest link in the chain
If, in spite of everything, you cannot avoid the infection, do not pay the extortionists. Nothing and nobody guarantees that you will recover your data.
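The advice above about hidden file extensions and files running from AppData and LocalAppData can also be checked on the detection side. The following is an added example, not part of the original article: it flags launched file paths that use a double extension or run from a per-user AppData folder. The function names, extension lists and sample paths are constructed for illustration.

```python
import ntpath
import re

# Extensions Windows runs directly. With "hide known extensions" enabled,
# "invoice.pdf.exe" is displayed to the user as "invoice.pdf".
EXECUTABLE_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".ps1"}
# Document-like extensions used as the visible decoy (illustrative list).
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

# %AppData% is AppData\Roaming and %LocalAppData% is AppData\Local:
# both are writable by the user without administrator rights.
APPDATA_RE = re.compile(r"\\users\\[^\\]+\\appdata\\(roaming|local)\\", re.IGNORECASE)

# Constructed sample of launched file paths (not real telemetry).
SAMPLE_LAUNCHES = [
    r"C:\Program Files\Editor\editor.exe",
    r"C:\Users\ana\Downloads\invoice.pdf.exe",
    r"C:\Users\ana\AppData\Roaming\updater.exe",
    r"C:\Users\ana\AppData\Local\Temp\photo.jpg.scr",
    r"C:\Users\ana\Documents\report.final.docx",
]


def check_path(path):
    """Return the reasons a launched file path looks suspicious."""
    reasons = []
    name = ntpath.basename(path).lower()
    stem, ext = ntpath.splitext(name)
    if ext not in EXECUTABLE_EXT:
        return reasons  # not directly runnable, nothing to flag
    if ntpath.splitext(stem)[1] in DECOY_EXT:
        reasons.append("double-extension")
    if APPDATA_RE.search(path):
        reasons.append("runs-from-appdata")
    return reasons


def triage(paths):
    """Map each suspicious path to its reasons, keeping input order."""
    results = {}
    for path in paths:
        reasons = check_path(path)
        if reasons:
            results[path] = reasons
    return results


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LAUNCHES).items():
        print(", ".join(reasons), "->", path)
```

Some legitimate per-user software also runs from AppData, so a real deployment would pair the AppData check with an allowlist of known publishers or paths.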
A Professional Email Is Professional, Not Personal
It may seem silly, but few workers use their personal email to register on forums, e-commerce sites, and other websites. These are pages that everyone, including hackers, can access. It's easy to end up on a spam list, and spam can include dangerous files. Workers should not use professional email outside of work or respond to emails from unknown or suspicious senders, and they should beware of phishing: emails that pretend to be from a known sender but are not authentic.
Storage Online Or On Own Servers
Hard drives get lost or broken, laptops may disappear, and the same goes for a USB drive, so we will not keep the backup on the same computer as the original. The information will be stored in the cloud or on the company's own servers so that it is safe from cyber-attacks. Of course, we will always use professional accounts, not personal ones, we will access the services from protected computers and secure connections, and we will use secure passwords.
Not 1234, not our date of birth, not a combination so impossible to remember that we have written it on a note attached to the monitor, and not the same password we use for our personal account. When an automatic password is generated for a worker, it must be changed to reinforce security. The worker should choose a password they can remember or, if they write it down, keep it in a place that is difficult to access. Needless to say, they will not give it to anyone, not even to supposed technicians from the company or the computer provider who ask for it over the phone. They can access your account without being given the password.