Blog Image

Ransomware Outbreak III: Best Security Practices


One of the cybersecurity threats that are prevalent right now is the ransomware attacks that end-users around the world experience. With this malware, cybercriminals could encrypt your files and demand a ransom payment from you in order for you to retrieve your data.

As ransomware attacks developed into something more sophisticated over the years, the toll count of the businesses that it victimized increased in number. The crippling financial and reputational damage it could cause have placed several companies into a state of crisis. Because of that, IT specialists from managed IT services in the Philippines emphasized the importance of boosting your business’ cybersecurity strength.

Here are 6 best security practices you can apply in your company now:

Patch and Update Systems and Applications Regularly

As developers release new updates and patches of systems and applications, they also fix the security holes and bugs, which they overlooked in the past. Malware such as ransomware is designed to attack security vulnerabilities in outdated software applications and computer systems. That being said, when you fail to keep your systems and applications up-to-date, you are still susceptible to cybersecurity threats. In order for cybercriminals to have fewer computer vulnerabilities to exploit, make sure to patch and update regularly.

Have an Elaborate Disaster Recovery Plan

Preparedness is a tool that every individual can use to recover from any cybersecurity attack or natural disaster with ease. When you have a detailed disaster recovery plan, you would know how to manage any crisis and keep the damage it may cause to a minimum. Ransomware attacks can delete local backup files it can find, so it is important to secure your backups in a safe location offline and off-site. Moreover, you can also encrypt the backup copies of your files in order to optimize their safety from sly cybercriminals.

Check File Extensions

In Windows computers, it is a default setting that file extensions are disabled. That is why it is common for Windows users to identify files by their thumbnail. Cybercriminals took advantage of this feature by putting double extensions to their malicious files’ filenames. By disguising their malware-infected files as innocent looking ones, cybercriminals mislead and victimized countless end-users. That being said, enabling file extensions will help you spot these malicious files and prevent them from causing you problems.

Turn Off Macros in Document Attachments

In applications that deliver email services, such as Outlook in the office 365 for business, there is a macro feature that allows end-users to customize automatic and manual emails. With this feature, people could include specific information about the recipient. But, even when email attachment macros are useful, this was exploited by cybercriminals to infect computers. Because of that, Microsoft turned off macros by default as a security measure. That being said, you should be careful with email attachments that persuade you to turn on the macros feature. These emails could be embedded with malicious codes that could trigger malware when opened.

Be Careful with Unsolicited Attachments

Aside from emails that persuade you to enable the macros feature, it is important to be cautious about unsolicited email attachments in general. As what was mentioned earlier, cybercriminals could use double file extensions to deceive end-users into believing that they are dealing with innocent files. Moreover, when you receive JavaScript files, it is safer when you open them in Notepad. By opening this type of file in Notepad, you can block it from running any malicious scripts and enable you to examine the file contents.

Use Administrator Rights Only When Necessary

Whether you use your computer for work or for leisure, you would notice that there are some actions that require administrator rights to be performed. Although you could do more things when you’re logged in as administrator, this makes you more vulnerable to cybersecurity threats and amplify the damage it could inflict to your business. That being said, it is important to be mindful about your online activities and to limit the login powers you give to yourself.