Cybersecurity professionals are expecting ransomware to grow more aggressive in the coming years, including higher ransom payments and attempts to go beyond attacking data — by shutting down entire computer systems to utilities or factories. However, a key concern is that ransomware will start targeting critical infrastructure.
Too many important computer systems are also connected to the internet — when they shouldn’t be. Businesses are also failing to properly segregate their computers from other processes. When a ransomware infection hits, it has the potential to shut down the entire operation.
I know we are now starting to realize what a threat this is to our business, and we are working on ways to protect and mitigate damage from a ransomware attack. The main things we are doing are:
- Trying to educate users and establish good computer habits;
- Ensuring we have good backups of data on a regular basis;
- Patching systems as quickly as possible and isolating systems that can't be; and
- Improving end point protection, workstation management solutions and internal segmentation.
Now, with this all said, I still expect to have to deal with a ransomware crisis here. No matter what actions you take, you're at risk, and will get hit with something, so also make sure to manage expectations. Always make sure that upper management understands that you are doing everything you can to protect the company's assets, but nothing is foolproof, and that when the worst happens, you have a plan to start getting things back up and running in a timely manner.
About our contributor:
|Darrin Freeman, a network engineer and Fuel member, has been using Palo Alto Products since 2013.|
Check Out Our Next Cybersecurity Question of the Month
How do you think organizations should approach closing the cybersecurity skills gap? What areas would you recommend cybersecurity professionals focus on as part of their continuing education efforts?