Forsyte IT Solutions
Forsyte IT Solutions
With ransomware rising as a number one source of disruption to organizations worldwide, it's critical that you take steps to keep your data secure.

Share This Post

What Is Ransomware and Why Should Your Organization Care?

Ask anyone today about cybercrime and they are most likely to mention ransomware, which is a form of cyberattack that holds your computer and files hostage. Attackers then demand payment to unlock the files.

The severity and sophistication of recent ransomware attacks have increased, and businesses both large and small have fallen victim. However, bad actors are not targeting businesses alone—ransomware attacks have also been affecting educational facilities, health institutions, charities, even private individuals.

What Is Ransomware?

Ransomware is a form of malware, short for “malicious software,” in which the attacker encrypts users’ files and demands a ransom, usually anywhere from a few hundred to millions of dollars, in exchange for the decryption key. 

Once ransomware infects your system, your data become encrypted. The attacker then asks that you pay a ransom to unlock your data, typically via Bitcoin or other cryptocurrency. However, paying the ransom is no guarantee you will get your data back. Even if you do, you are potentially marked as a future target.

Ransomware continues to bring organizations of all shapes and sizes to a standstill. For example, the attack on Colonial Pipeline shut down the company’s natural gas pipeline, leaving thousands of gas stations in the southeast U.S. without fuel. Additionally, the March 2021 attack on Buffalo Public Schools forced the school district to cancel all remote and on-site classes as it conducted various investigation and recovery steps.

Common Types of Ransomware

Ransomware comes in a few different variants that you may have heard of, such as NotPetya, WannaCry, and Bad Rabbit, but it falls into two main types: 

  • Crypto-ransomware that encrypts data
  • Locker ransomware that restricts access to a computer
How to Protect Your Organization Against Ransomware

Fortunately, there are things you can do to increase your protection, such as patching your systems regularly, either through automation or auto-updates, replacing legacy systems, and removing end-of-life (EOL) systems and applications from your operations. 

Other basic controls to consider putting in place include:

  • Create regular backups of all data you want to safeguard and store.
  • Ensure your data cannot be modified or deleted from any storage system.
  • Divide your network into several segments, commonly referred to as network segmentation.
  • Install antivirus software on all of your devices and make sure the software provides alerts in real-time. 
  • Update operating systems, applications, and device firmware as soon as new patches are available.
  • Look for new or unrecognized user accounts on servers, workstations, and Active Directory.
  • Audit user accounts with administrative privileges and configure access controls to maintain least privilege, a security concept in which users only get minimum access levels or permissions. (Tip: Never assign administrative privileges to all your users.)
  • Disable the Remote Desktop Protocol (RDP) unless absolutely necessary. Disable unused ports, and monitor RDP logs for unusual activity.
  • To keep your organization safe from potentially malicious emails, attach a warning banner that says something like, “Attention: This is an external email. Proceed with caution.” This has the desired effect of alerting your staff to possible risks.
  • Disable hyperlinks in inbound emails.
  • Identify Indicators of Compromise (IOCs)—e.g., unknown files or applications, unusual traffic, suspicious user activity—through continuous threat monitoring.
Safeguard Your Organization with Microsoft Defender

Through Microsoft’s Advanced Threat Protection, a feature of Microsoft Defender, you can prevent your organization from falling victim to ransomware attacks. Microsoft Threat Protection safeguards identities, endpoints, user data, cloud applications, and your entire infrastructure, whether on-premises or in the cloud.

And if you need security experts on your side to get the most out of Microsoft Defender, Forsyte I.T. Solutions, a Certified Microsoft Gold Partner, offers managed cybersecurity services to help you secure your network, so your assets and organization are adequately protected against ransomware. To learn more, contact Forsyte today.

Driving Technology Innovation.

More To Explore

Schedule a Pen Test

The Guardian 365 Pen Test assesses your systems by simulating cyberattacks on internal resources, external resources, and web apps.

See identify configuration issues and vulnerabilities that external and internal attackers could use to exploit your systems. Sign up for a Guardian 365 Pen Test to enhance your security today!

Contact - Schedule a Pen Test
Name
Name
First
Last

EDUCATION LEADERS TALK SECURITY

You’re in the right place! Complete the form to hear the latest Guardian 365 security discussion featuring IT leaders from Spelman College and Spring Grove Area School District. You won’t want to miss this!

Guardian 365: Featured Webinar
Name
Name
First
Last

Cybersecurity Insurance Audit

Let us help you save money on your Cybersecurity Insurance by providing an audit of your current environment, and provide recommendations on how to reduce the cost of your insurance policy,

Contact - Cybersecurity Insurance
Name
Name
First
Last

Request a Demo

At Forsyte Guardian 365, we believe in transparency and hands-on experiences. Complete the form to request your personalized demo. Remember, security is not a luxury. It’s a necessity. Let’s empower your team with Guardian 365! 

Request a Demo

At Forsyte Guardian 365, we believe in transparency and hands-on experiences. Complete the form to request your personalized demo. Remember, security is not a luxury. It's a necessity. Let's empower your team with Guardian 365! 

Request A Demo
Name
Name
First
Last

Get Started

If you are experiencing a security breach or have detected suspicious activity, get help now.

Contact - Talk to an Expert
Name
Name
First
Last

Expert Recovery Services for Security Breaches

If you are experiencing a security breach or have detected suspicious activity, get help now.

Contact - Recovery Services
Name
Name
First
Last