Upgrade Your Firewall Because Ransomware is Back for Another Shift
Ransomware is back in the news, again. With vicious attacks continuing to impact governments, educational organisations and business operations in several states, countries & Continents, with Texas recently under fire with exceptional, sophisticated attacks.
Capital One was also an immense firm caught under siege from Ransomware.
Precise attacks can start in a variety of unpredicted ways – some with a simplistic phishing email, others with hackers leveraging susceptibilities in networks in order to step onto other systems within the network. However, one of the most devastating ransomware attacks to happen in years, resulting in a worldwide commotion, was when Capital One’s networks were exploited, and exposures were blown wide open to the public.
Since the strike, new vulnerabilities have been discovered, but there are still many networks out there that are highly susceptive to cyber-attacks.
Unfortunately, many of these poorly written networks are piled with issues that are easily ‘wormable’, which otherwise means hackers & malware can exploit these gaps in an automated method with no user interaction at all, enabling the malware to spread speedily and efficiently to a wide group of systems. In other words, taking over your entire infrastructure in a matter of moments.
Of course, employing an industry-leading security product and operating a strict patch management strategy are the most valuable practices. But there are also other best preparations you should consider helping keep ransomware, hackers & threats out of your network in the first place.
Your firewall provides vital protection against exploits by closing or guarding exposed ports, as well as blocking attacks using an Intrusion Prevention System. IPS looks at network traffic for openings, exploits, and blocks any attempt for attackers to get through your network border or even cross limits & segments within your internal network.
Here are the firewall necessities to prevent ransomware attacks from getting into your Business network:
- Cut the surface area of attack: Review and revisit all port-forwarding rules to eradicate any non-essential open ports. Where possible use VPN to access resources on the internal network from outside rather than port-forwarding.
- Launch IPS protection: Apply proper IPS protection to the rules governing traffic to/from any Windows hosts on your network.
- Cut the risk of lateral movement: Protect against threats moving laterally on your network and consider segmenting your LANs into smaller sub-nets, assigning those to separate zones that are secured by the firewall. Apply suitable IPS policies to rules governing the traffic traversing these zones to prevent worms and bots from propagating between LAN segments.
Want to get the best solution for your business?
At Tristar Tech Solutions, we take a security-first approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might be and identify actions to take.
To book a consultation or to arrange a further discussion, please get in touch.
If you’re looking for IT support in Hertfordshire or IT support in North London, contact us today, and a member of our team would be more than happy to advise you.