editor’s question
call from the attacker asking them to open the attachment. The link contains hidden malware that will infect the organisation’s systems and run in the background.

Organisations must be aware of the nature of the threat so that they can equip themselves to better prevent ransomware and other malware attacks.

HAIDER PASHA, REGIONAL CSO, EMERGING MARKETS, PALO ALTO NETWORKS

To tackle this question, we first need to keep in mind that ransomware is malware and there are different types of malware and various ways in which it can propagate and enter the customer’s environment. The most common point of entry is on the endpoint but there are other weak points. For example, malware can infect web servers residing in data centres that are not properly patched and protected. We often see that machines facing the Internet are vulnerable.

We also need to focus on the fact that malware is more lethal when combined with other forms of attack such as social engineering. This has been the case with some of the larger cybersecurity heists. It works like this: the attacker sends an attachment such as a fake invoice to an unsuspecting admin worker who also receives a follow-up
In terms of preventing malware – and by extension ransomware – attacks, there are various aspects of system security that organisations can take control of.

Firstly, as an organisation you should ensure that your systems are properly updated and patched. Unnecessary software and plugins should be disabled to limit potential vulnerabilities and avoid the spread of malvertising.

As an organisation you also need to keep an eagle eye on email and ideally your cybersecurity systems should warn you when receiving email from an external source.

To counter the human engineering method, we recommend that you avoid
taking cold calls from people: be aware of who’s calling and be especially suspicious if a person who you don’t know asks you to open a link – that should be an immediate red flag – and the email should be sent to your IT or security department.

Let’s not forget that ransomware, along with other malware, can spread through simple web browsing. Most antivirus software and endpoint systems know when you attempt to visit a malicious website and will report it as compromised, but it is still something to be aware of at the organisational level.

On the networking side, your organisation should have good quality firewalls and anti-malware and anti-ransomware systems that can detect any threats rapidly and prevent them from spreading. Your staff should also have a basic knowledge of security and the way the main threats operate to avoid simple mistakes such as clicking on malicious links.

Another important point to consider is authentication. Your organisation should have robust authentication methods in place such as strong passwords and verification questions. In fact, a zero-trust approach is best. Moreover, the right level of authentication solutions should be in place in the network, the cloud and at the endpoint to prevent the installation and spread of ransomware and other malware.

Issue 18 | www.intelligentciso.com