BEST PRACTICE TIPS
Three Best Practice Tips to
Preventing Ransomware Attacks
The number of ransomware attacks has exploded over the past few years, infecting millions of computers and costing companies
millions of dollars. We recommend three best practices that every organization, regardless of size, should employ.
1.EDUCATION AND AWARENESS
We hate to say it, but your largest attack vector is also your weakest. Many of your employees have never heard of phishing
or a man-in-the-middle attack, and hackers know that. It’s critical that you educate your employees about the most
common attack methods and how to avoid them, such as:
•
Never click on links provided in an email. Type or copy the address into the browser to prevent unknowingly
opening a masked link to a malicious website.
•
Be cautious when opening email attachments. This is a common method of attack for ransomware.
•
When visiting a website, pay attention to the URL. Common malicious sites include URLs with IP addresses at the
beginning or a supposedly secure site that doesn’t use HTTPS.
•
Spoofed email addresses are another method to acquire sensitive information. Never send personal information
over email. We recommend biting the bullet and just making a phone call.
•
Never, ever share your password with someone over email. Legitimate companies never request credentials
over email.
2.BACKUP. BACKUP. BACKUP.
While preventing threats and attacks is always your ideal method of defense, you should always have a Plan B. In the case
that an advanced malware attack, specifically ransomware, takes hold of your system, regularly performing data backups
can provide peace of mind that your data is retrievable. Here are few tips for backing up your information:
•
Offline backups are key. Modern ransomware can find and encrypt your network storage.
•
Simplify your backups as much as possible. Create a global share that can store all of your most important
information, and leverage data partitions when possible.
•
Automate your backups when possible. Don’t let a human error make you miss a back-up.
3.DEFENSE IN DEPTH
Ransomware attacks look to leverage every attack vector possible. The more layers of security that you have in place, the
greater chance you have of stopping an attack that another layer could miss. These types of attacks are able to morph into
something unique, evading traditional signature-based detection methods. Here are just a few critical security layers your
organization should have in place:
•
Protect your network. Ransomware uses the network to not only connect to a malicious server and gain the
encryption key, but also leverages the network to spread the attack throughout an organization.
•
Leverage network sandboxing to detonate zero-day threats. Network sandboxing is a great tool for detonating
unknown malware without risking the security of your devices.
•
Gain visibility into endpoint devices. Ransomware attacks often start on endpoint devices. Having visibility into the
event activity of these devices makes it possible to detect and remediate the threats before the damage is done.
•
Connect the dots between the network and endpoint. Correlating event data from the network and endpoint
provides a comprehensive evaluation of your overall threat landscape.
BEST PRACTICE TIPS
With WatchGuard Total Security Suite, organizations of all sizes can now defend against advanced malware threats, including ransomware attacks.
Total Security Suite is the first UTM service offering that not only enables organizations of all sizes detect and remediate ransomware attacks, but
actually prevent them as well. By combining our WebBlocker, APT Blocker and Host Ransomware Prevention technology, WatchGuard provides
the most comprehensive set of security services available in one offering available on the market today.
Individually, each of these solutions can protect against a stage of a ransomware attacks. WebBlocker automatically denies users access to known
malicious sites, but can also enable URL filtering which can block risky and inappropriate sites as well. With APT Blocker, users benefit from
award-winning network sandboxing capabilities to detect suspicious threats, detonate them in a virtual environment, and stop the attack from
executing on the network. Host Ransomware Prevention leverages behavioral analysis to specifically detect ransomware attacks, and prevent
them before file encryption occurs.
Product
Support
Intrusion Prevention Service (IPS)
App Control
WebBlocker
spamBlocker
Gateway AntiVirus
Reputation Enabled Defense (RED)
Network Discovery
APT Blocker
Data Loss Protection (DLP)
Dimension Command
Threat Detection & Response
Support
Standard (24x7)
TOTAL SECURITY
Basic Security


















Gold (24x7)
Standard (24x7)
WatchGuard provides a complete portfolio of advanced network security solutions
for protecting organizations, their data, their employees and their customers.
• Network Security Appliances
• Total Security Services
• Network Threat Visibility
• Secure Wireless Access Points
Learn More at www.watchguard.com
No express or implied warranties are provided for herein. All specifications are subject to change and expected future products, features or functionality will be provided on an if and
when available basis. ®2017 WatchGuard Technologies, Inc. All rights reserved. Part No. WGCE66995_021617