The latest news has reported that UCL has been hit by a severe ransomware attack that disrupted systems and forced the IT Team to block access to shared drives. Commenting on the attack is Paul Edon, Director at Tripwire and Dean Ferrando, Systems Engineering Manager (EMEA) at Tripwire, who believe ransomware attacks won’t be going away anytime soon but have given advise on how enterprises can avoid future attacks.
Paul Edon, Director at Tripwire:
“Ransomware is a serious threat to any IT system regardless of geography or market sector. Despite the recent and well publicised incidents, we still seem to have difficulty preventing the infection and spread.”
“The most effective defence requires organisations to follow “security best practises” which includes defence-in-depth. Defence-in-depth is not a term that applies only to technology, a defence-in-depth solution should include People, Process and Technology.”
“The people need to be educated as to the dangers of phishing emails, clicking on unknown links and plugging USB drives into corporate devices. The Technology will include multiple off-line backups, and the process will include a comprehensive policy to ensure the backup and recovery process is practiced on a regular basis.”
Dean Ferrando, Systems Engineering Manager (EMEA) at Tripwire:
“While the malware itself is a serious problem, we seem to have given up on solving the problem of how it gets onto devices. There are no signs of this trend slowing, so enterprises should take steps to protect themselves in the event of a possible infection. Universities and other education institutions are not exempt and with so many people connected to the network, there should be extra levels of protection and control on what people can access.”
“The number one thing enterprises should do is keep timely backups of their critical data. In the event of a ransomware infection, in most cases, an organization can clean the infection and roll back to a previous backup. The follow up to ensuring proper backups in place are having routine tests of the backup process, to reduce to time and cost of restoring business continuity. Keeping computers up to date with patches and system backups is important in mitigating the risk of ransomware attacks. It is also a good idea to avoid installing software or opening emails from untrusted sources.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.