7 best practices to defend against ransomware attacks

  • September 08 2016, 4:00am EDT

How best to protect your organization from attack

A recent HDM slideshow explored 9 ways to recognize and beat ransomware attacks, based on a survey from software vendor Malwarebytes and Osterman Research. Here is part 2, focusing on best practices to protect against ransomware. What follows are the components of a thorough strategy to manage the rising onslaught of ransomware incursions.


Conduct frequent vulnerability scanning of your organization's external and internal networks, network devices, and web applications to identify security holes or any known security vulnerabilities. Conduct penetration testing to identify potential points that could be exploited.


Awareness and education

Develop an ongoing educational campaign so that everyone understands the importance of security best practices. Instruct users to not open attachments from unknown sources or in emails that appear to be legitimate but are suspicious or unexpected; instruct users to avoid enabling macros from email attachments; and warn users to never click on Web links in unsolicited emails.

Patches and updates

Patch operating systems, antivirus, browsers, Adobe Flash Player, QuickTime, Java and other software, and keep them up to date.

Anti-virus software

Maintain anti-virus software and keep it updated with current versions. Scan all software downloaded from the internet prior to executing.


Permissions management

Restrict user permissions to prevent the installation and execution of unauthorized software applications. In addition, apply the principle of “least privilege” to all systems and services. Restricting these privileges to the minimum required for each user may prevent malware from running or spreading quickly through the network.

Data backups

Employ a data backup and recovery plan for all critical information. Regularly back up servers and network shares with multiple restore points. Also, consider backing up critical data on two different media, including one off-site backup.


Adjust email filter and spam filter settings to block emails with suspicious attachments.