LLC is a pharmaceutical company located in the Midwest of the US that employs around 150 people. The company recently suffered a ransomware attack, from which it was able to recover with the assistance of a third-party IT service company. The company has now decided to adopt policies to overcome situations similar to the ransomware attack (Choi, Scott, & LeClair, 2016). This report discusses some of these policies, how they can help the company, and the reasons that support them.
Policies for mitigating attacks and supporting reasons for the policies:
Several policies can be adopted to protect the company's data from cyber-attacks. Some of the important policies that the company can adopt to protect its data are listed below:
- Backing up of data: This is the most important way in which the company can avoid threats similar to the ransomware attack. This policy covers creating backups on a regular basis and keeping those backups up to date. This is an administrative control and also acts as a preventive method against losing data.
- Looking into the hidden file extensions: This involves re-enabling the display of full file extensions, which helps in spotting suspicious files. Files with extensions such as “.PDF.EXE” are the main files that attackers use to get into users' systems (Brewer, 2016). This is also a preventive policy that can be adopted by the administrative department of the company.
- Use of filters in emails: This includes the use of a mail scanner at the gateway to keep out files with an “.EXE” extension and to deny files that have two extensions. This is a detective method used to prevent threats.
- Disabling of files running from the AppData/LocalAppData folders: The company can create rules within Windows or with intrusion prevention software that disallow this particular behaviour if any attack attempt is made (Song, Kim, & Lee, 2016). This is a physical method that can be adopted to prevent threats.
- Disabling of RDP: Most attacks are considered to be carried out through the Remote Desktop Protocol (RDP), so by disabling RDP the company can avoid many types of attack (Berriz, 2014). This is a physical control method that can be adopted by the administration.
- Patching and updating of software: Outdated software is very advantageous for attackers. The company can avoid this type of attack by updating its software at frequent intervals. Software vendors often release security updates, and if the company enables automatic updates, its systems can visit the vendor's site automatically and update the software. Automatic updating also helps avoid the risk of harm from malware that its authors disguise as a software update (Touchette, 2016). This is a preventive policy that the company can adopt to prevent threats.
- Using a reputable security suite: The company can adopt the policy of installing both anti-malware software and a software firewall, which will help in identifying threats and suspicious behaviour. Attacks can be of various types, so both types of security are necessary (Roa, 2017). This is a physical preventive control policy.
- Disconnecting from any type of network: An attack such as ransomware can be easily avoided if the company immediately disconnects all its systems from the network after identifying its characteristics on the screen. This is a physical preventive control policy in which the administrators have to disconnect from the network in order to protect their privacy.
- Use of different preventive kits: One such kit is the CryptoLocker Prevention Kit, which automates the process of disabling files running from AppData and LocalAppData through group policies, along with disabling executable files running from the temp directory (Richardson & North, 2017). This is a physical preventive control policy for protecting the company's data.
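The email-filter and AppData items above both come down to simple name and path rules. The following added example (not part of the original report) sketches them in Python; the extension lists, function names and sample inputs are assumptions constructed for illustration.

```python
import ntpath

# Assumed policy lists, constructed for this example (not taken from the report).
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif", "js", "vbs"}
DOCUMENT_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png"}


def extensions(filename):
    """Return the lower-cased suffixes of a file name, e.g. ['pdf', 'exe']."""
    # Windows ignores trailing dots and spaces, so drop them before parsing.
    name = ntpath.basename(filename).strip().rstrip(". ")
    parts = [p.strip().lower() for p in name.split(".")]
    return [p for p in parts[1:] if p]


def gateway_verdict(filename):
    """Decide what a mail gateway should do with an attachment name."""
    exts = extensions(filename)
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return ("allow", "not an executable type")
    if len(exts) >= 2 and exts[-2] in DOCUMENT_EXTS:
        return ("block", "double extension hiding an executable")
    return ("block", "executable attachment")


def launch_verdict(path):
    """Mimic a deny rule for executables started from AppData or Temp."""
    folders = [p.lower() for p in ntpath.normpath(path).split("\\")][:-1]
    exts = extensions(path)
    user_writable = "appdata" in folders or "temp" in folders
    if user_writable and exts and exts[-1] in EXECUTABLE_EXTS:
        return "deny"
    return "allow"


# Constructed sample inputs.
SAMPLES = ["invoice.PDF.EXE", "invoice. pdf.exe ", "setup.exe", "report.v2.pdf"]
PATHS = [r"C:\Users\bob\AppData\Local\Temp\upd.exe",
         r"C:\Program Files\Suite\scan.exe"]

if __name__ == "__main__":
    for name in SAMPLES:
        print(repr(name), gateway_verdict(name))
    for path in PATHS:
        print(path, launch_verdict(path))
```

A blanket AppData deny rule also stops legitimate programs that install there, so a real deployment needs an exception list.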
Adopting the policies discussed above, along with the control measures, will greatly help in identifying threats and avoiding them easily. The policies should put more emphasis on protecting the accounting data of the company, as the accounts form the backbone of any organisation. All the policies stated above are physical and administrative control methods that help in detecting, preventing and correcting any flaw in the company.
References:
Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network Security, 2016(9), 5-9.
Song, S., Kim, B., & Lee, S. (2016). The effective ransomware prevention technique using process monitoring on android platform. Mobile Information Systems, 2016.
Choi, K. S., Scott, T. M., & LeClair, D. P. (2016). Ransomware against police: diagnosis of risk factors via application of cyber-routine activities theory. International Journal of Forensic Science & Pathology.
Berriz, C. (2014). Cybersecurity and United States Policy Issues. Global Security Studies, 5(3).
Touchette, F. (2016). The evolution of malware. Network Security, 2016(1), 11-14.
Roa, R. E. E. (2017). Ransomware Attacks on the Healthcare Industry (Doctoral dissertation, Utica College).
Richardson, R., & North, M. (2017). Ransomware: Evolution, Mitigation and Prevention. International Management Review, 13(1), 10.