Since the recent outbreak has shaken the cyber security mania to considerable extent, it’s now time to take some measures in order to enhance the security. It is imperative to highlight some best practices that should be followed by the individuals as well as organizations to protect themselves. As Microsoft stated, “this attack demonstrates the degree to which cyber security services became a shared responsibility between tech companies and customers. The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect.
Even though many of these practices are not very new but since you are seeking some teachable moments that help you harden your defenses whether you’re an individual or a company, there are few things you must keep in mind;
Patching Vulnerable Systems
Regardless of what people think about CIA and NSA leaks (who actually made this attack possible), it was not a zero day exploit that allowed this ransomware to spread all over. For a true Zero Day exploit, there is no need for a patch. Since it was all quite destructions, the breadth of this ransomware proves that don’t patch our systems. Perhaps that’s the reason as to why it’s becomes easier for the bad boys of cyber world to control our systems.
Whether you are running your personal computer at home or a full-fledge managed security setup for some company, it’s essential to patch systems regularly and run frequent vulnerability scans. It enables you to identify and patch vulnerable systems. The IT world now seems to be mumbling that this process must be an essential part of our security programs. If you are not performing the regular vulnerability scans
it’s as good as a substance that’s extremely dangerous. You know it but still your drink so who is to blame now? Think Wisely.
Don’t Click Every Email
That new unknown emails in your inbox is not dangerous until and unless you click and open an attachment. It’s been reported that this outbreak is not due to the phishing emails or some tricky email that requires you to download and install a malicious software. However, numerous viruses and infectious programs spread this way. Since the wound of this recent ransomware is fresh, it’s the perfect time to mention that all the users need to be very careful with anything landing in their inboxes from some stranger.
Just like our moms used to teach when we were kids, “if you don’t know a person giving you candy, and don’t eat it”. Similarly, don’t click the link in an email if you don’t know a person you are receiving it from.
Defense in Depth
Most of the large enterprises have a bunch of latest technologies that are consistently protecting their virtual environment and managed security setups from any sort of infections. Protection like the antivirus happen to be quite crucial mediums to help you get rid of infectious files drowned somewhere in deep that’s why it’s essential to pick the best and updated version. Similar, the email gateways and web gateways also provide another layer of protection. Precisely, keep such program up to date as none of these things are effective if not upgraded as per schedule and managed properly.
Backups
If you are not keeping backups, you are more likely to suffer a huge data loss that would have a negative impact over the company as well. Many viruses have made their moves, the recent strike was from the Ransomware and these black hat things are not going anywhere. We can’t stop these things but at least we can shield ourselves properly so that these things don’t affect us.
In that case, just make sure that you are taking regular backups. It’s imperative to have the multiple copies of your valuable data. Make sure that the different locations where you store your important data must not be connected to each other because if one is affected, the others would automatically be affected