Learn Pentesting like a Pro!

Share this post

NIST best practices to prevent and mitigate ransomware attacks

pentesting.academy

NIST best practices to prevent and mitigate ransomware attacks

pentesting.academy
Sep 28, 2021
Share this post

NIST best practices to prevent and mitigate ransomware attacks

pentesting.academy

Ransomware is a big threat to any company or corporation. In a matter of minutes all data from servers, workstation, laptops can be encrypted and most probably lost.

Also worth to mention that ransomware attacks, can exploit some unpatched Windows vulnerability but most of the times are triggered by employees executing some weird attachment while reading an email.

Here are the top best recommendations from NIST directly:

  • Use antivirus software at all times.

  • Keep computers fully patched.

  • Segment networks.

  • Continuously monitor directory services.

  • Block access to potentially malicious web resources.

  • Allow only authorized apps.

  • Use standard user accounts.

  • Restrict personally owned devices.

  • Avoid using personal apps from work computers.

  • Educate employees about social engineering.

  • Assign and manage credential authorization.

In the unfortunate case of a ransomware incident, these three steps will help your organization to recover:

  • Make an incident recovery plan.

  • Backup data, secure backup and TEST restoration.

  • Keep you internal and external contact list up to date.

For further reading have a look to the NIST draft: https://csrc.nist.gov/publications/detail/nistir/8374/draft

Share this post

NIST best practices to prevent and mitigate ransomware attacks

pentesting.academy
Comments
TopNew

No posts

Ready for more?

© 2023 pentesting.academy
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing