Fortinet shares ransomware prevention best practices

According to Fortinet, ransomware attacks come in many forms, but they can be categorised into five primary types:

The first is 'crypto ransomware'. This malware encrypts files and data within a system, making the infected content inaccessible without a decryption key.

Second, 'lockers' are similar to the above, but they lock the user out of their system entirely.

Another type is 'scareware', which is fake software that claims to have detected a virus or issue and directs the user to pay to resolve it. Some variants will lock the user from other system functionalities, while others will flood the screen with pop-up alerts without causing any damage.

Then there is 'doxware' or 'leakware', which threatens to distribute sensitive information or company files online and pressures the user into paying a fee to prevent that data from being made public.

Meanwhile, the 'ransomware-as-a-service' malware is carried out and managed by professional hackers, who are paid by an individual for all aspects of the attack, from distribution to payment collection and access restoration.

Who is most at risk?

Ransomware attacks are indiscriminate and can target anyone with an internet connection, whether it is a private individual, business, or any other entity. All individuals need to ensure their systems are adequately protected. If a business is attacked by ransomware and cannot recover the lost data, it may put the business and its employees at risk.

Who do I to contact in the case of an attack?

In the case of a ransomware attack, the first step is to notify your cybersecurity management team or security manager for an internal 'security operations centre' team. Depending on the severity and nature of the attack, a trained security expert can guide you through the steps. It is essential to minimise exposure and understand the problem before reacting. Some organisations may have legal or internal notification requirements that must be followed.

Common mistakes that leave companies vulnerable

One of the most common mistakes companies make is not having complete coverage of their systems. This can leave loose ends for hackers to exploit, especially given the prevalence of remote work and email as vectors for ransomware. It is essential to ensure proper security measures are in place and integrated into a cybersecurity platform to maintain visibility, mitigation, and remediation.

Tips for preventing ransomware attacks

Organisations should equip their systems with the latest cybersecurity defence and detection solutions, such as advanced endpoint detection and response, or 'EDR', technology. Employees should receive training on the latest threats to help them avoid suspicious activity and report it properly. Another tip is to keep systems updated and patched, limit network access, and regularly back up data. At the same time, a disaster recovery plan should be implemented should an attack take places, and it should be regularly tested to ensure it effectiveness.

In conclusion, ransomware attacks can come in many forms and target anyone with an online presence. It is essential to implement a protection strategy that involves updating and patching systems regularly, minimising administrator access, using the most up-to-date cybersecurity defence and detection solutions, and educating employees on the current ransomware trends.

Fortinet surpasses one million issued network security expert certificates Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, has recently announced it has issued more than one million network security expert (NSE) certifications to date, further advancing its commitment to close the cybersecurity skills gap.

Fortinet launches State of Operational Technology and Cybersecurity Report At today's conference to announce Fortinet’s global 2022 State of Operational Technology (OT) and Cybersecurity Report, experts exchange crucial information on the risk of OT security.

Fortinet adds new capabilities to support work-from-anywhere New updates to FortiSASE expand the industry’s most integrated single-vendor SASE solution to further converge networking and security across a unified operating system.