National Cyber Security Office issued a document with name Ransomware – Recommendations for mitigation, prevention and response [PDF], in which he prepared a number of recommendations on how to prevent extortion attacks and how to proceed once an attack has already taken place. These recommendations can be used by any institution to protect itself from these attacks.
Ransomware is a type of malicious code (malware) that encrypts a user from accessing data. In most cases, the attacker then requires payment of a certain amount for data recovery (decryption). The motivation of the attackers is therefore mainly financial gain, however, there are also cases where the attacker simply destroyed the data and did not demand any ransom.
The new document summarizes the main ways in which ransomware enters the network, technical and non-technical defense measures such as regular backups, updates of all components and security checks of all public services. The document emphasizes that the weakest link is usually users, so it is necessary to pay attention to their training, which will allow them to recognize the danger and avoid it with the learned good practices.
–
–
