Protecting yourself from ransomware attacks

Business Daily Kenya:  Cyberworld  with Teddy Njoroge Two months after Wannacryptor ransomware razed through the computing world, computer...

Business Daily Kenya: 

Payments. Photo/Courtesy

Cyberworld  with Teddy Njoroge

Two months after Wannacryptor ransomware razed through the computing world, computer users were yet in the jaws of another attack a fortnight ago. The threat, Petya.C, just like Wannacryptor, spreads using a combination of the server message block commonly known as the EternalBlue exploit, to gain network access.

It then infects the main boot record (MBR) of a computer and encrypts the entire drive on which the MBR is located. When the infection does not affect an MBR, it will still encrypt all files on the device.

An infection like this can compromise an entire network by gaining administrative rights through a single machine that is left unprotected or whose software is not updated.

Unfortunately, even after the Wannacryptor, also known as Wannacry outbreak, caused many headlines and encouraged users to patch their systems, many organisations and individuals are yet to update their systems or install protection such as antivirus.

This combination is perhaps the reason the attack spread so rapidly around the globe. But what are some of the best practices to defend against Petya and other forms of ransomware?

First action in case of an attack is to turn off all computers in your network, to halt the spread thus minimising the potential damage. This, however, is reactionary and only if your system detects an intrusion before it is too late.

Prevention is often the best medicine to tackle the threat of ransom attacks. Proactively you should also keep all your operating systems and software updated. This should be supported by a reliable security solution with multiple layers of protection plus regular backups of valuable data at an offline location.

A weak link in the fight against ransomware is the human element, often caught unawares through clicking on phishing emails and other social engineering techniques. Social engineering refers to the psychological manipulation of people into performing actions or divulging confidential information unwittingly.

Critical is to be aware of the vulnerability in the first place, since many attacks are disguised as legitimate prompts that could mean the end of your business or organisation as you know it.

It is therefore important for organisations to invest in continuous cybersecurity awareness and training for their staff. In addition, it is important to test out all possible cyber risk scenarios on back-up or disaster recovery solutions.

This actually remains the safest option other than data encryption technologies. In terms of cyber resilience, the Kenyan digital and financial economy can be likened to a slow, plump gazelle stumbling through the “cyber-savannah” in the full view of agile, informed and hungry cyber-predators. This is because of reasons such as low budgetary allocations dedicated to cybersecurity in most institutions. The writer is ESET country manager

The post Protecting yourself from ransomware attacks appeared first on Mediamax Network Limited.

daily post kenya news, k24 live, media max, bdafrica, nse Kenya, epaper, business daily Kenya


business 7417703850955453246

Post a Comment


Follow Us

Hot in week



Contact Us

For Complains and compliments towards this website, contact us on or use the contact form below (on the footer).