Ransomware: security recommendations

Ransomeware photo

The National Agency for Secured Information Systems (ANSSI) has once again put together a great guide to the scale of the ransomware threat. Once again, because this is not the first time that I have told you about what ANSSI is putting in place to help us.

As I often say, against viruses and especially ransomware (or ransomware) awareness and training will be your best weapon.

Since January 1, 2020, ANSSI has handled more than 100 ransomware attacks, that’s huge! And it’s not just SMEs, even large groups are affected despite large security systems.

You may have great antivirus, firewalls, or any other security system, but training and awareness is all that is true! And for that, ANSSI provides you with great guides! This time, we also find the testimonies of the M6 ​​group, the Rouen University Hospital and Fleury Michon, all three having been affected by ransomware in 2019. Recommendations that we all know, but that it is important to remember :

  • Save data Update software and systems
  • Use antivirus software Partition the information system
  • Limit user rights and application permissions
  • Control Internet access Supervise logs
  • Make employees aware of cybersecurity
  • Deploy a cyber security incident response plan
  • Explore the possibility of taking out cyber insurance

What if ransomware is deployed then? Well, as expected, he advises to “never pay the ransom”. And so rather than paying, here’s what they offer:

  1. Find technical assistance, particularly through the platform set up by the government to put individuals and businesses in contact with local providers. Communicate “at the right level” to support internal teams.
  2. In the event of an attack, the temptation to pay the ransom demanded to regain control of data is strong, but it is not the solution.
  3. ANSSI therefore recommends not paying the ransom. “Its payment does not guarantee that you will get a means of decryption, it encourages cyber criminals to continue their activities and therefore maintains this fraudulent system. Further, the entity added, “Obtaining the decryption key does not always restore all of the encrypted files.”
  4. File a complaint.
  5. Restore systems from healthy sources.
Share on facebook
Share on twitter
Share on reddit
Share on linkedin
Share on pinterest
Share on whatsapp
Share on email