As time goes on, Ransomware attacks are getting stealthier and costlier than ever before. The majority of ransomware attacks are exfiltrating data, in addition to encrypting it. Attackers are using double extortion techniques to go after victims whose data was compromised during the attack.

Phishing, poor cybersecurity hygiene, lack of cybersecurity awareness and training, weak credentials and clickbait are leading causes of ransomware infections. If these root causes of attacks are left unattended, it’s likely you could be attacked again – 80% of ransomware victims have been attacked before.

If you or your organization is struggling with ways to prevent an attack, check out the 10 tips below for guidance:

Email Filtering
Most email clients and providers offer built-in security and anti-phishing settings. It’s always a good idea to turn these features on.

Anti-Phishing Training
Human error is responsible for 85% of security breaches. Regular security awareness training for your employees can help reduce the risk of being breached significantly.

Vulnerability/Patch Management
Unpatched software and systems are one of the leading causes of ransomware infections. Ensure that you identify and fix vulnerabilities in your infrastructure.

Multifactor Authentication
MFA requires you two initiate two or more forms of authentication beyond just a username and password, adding additional measures of security to a login process. This helps fight against attacks like phishing, keystroke logging and more common attacks.

Disable Remote Desktop Protocol (RDP) Access
As it is one of the most common intrusion points, RDP access must be disabled where possible. Access must be restricted only to allow-listed sources via MFA.

Password Management
Focus on password security and limit password reuse. It is recommended to use a 16-character password with capital letters, numbers and special characters. You can also consider using password managers like LastPass, which can help store long, complicated passwords.

Privileged Access Management
The rapid shift to the cloud has created even more ways for attackers to exploit your information. Therefore, privileged accounts must be regularly monitored, restricted and protected via MFA and strong passwords.

Monitoring and Response
Organizations have to have a way to monitor systems for intruders and stop suspicious activity in its tracks. Endpoint detection and response technology can monitor your endpoints for anomalies and stop ransomware from executing.

Backups
Backups are an integral part of contingency planning. Back up your data and isolate your backups to a location away from the rest of your network. Also, test backups regularly to make sure they are working properly.

Incident Response Plan
An incident response plan helps an organization react to incidents quickly, maintain business continuity, and minimize loss. 

Businesses from small to large can use the steps above to help protect against possible future ransomware attacks.

Story via Forbes