Ransomware is one of the attacks on computer networks that has suddenly emerged in recent years. It is called ransomware because it encrypts files and asks for a ransom. However, what makes people helpless is that ransomware is developing faster and faster, and the success rate is higher and higher, which in turn stimulates more hackers to join the ransomware army. Ransomware groups are now shifting their main focus to those companies and government agencies, which have a higher probability of paying ransoms because they have important documents. For example, the municipal systems of several local government agencies have recently been attacked in the United States. In the end, these cities had to pay ransoms in exchange for the restoration of municipal systems.
A few days ago, Microsoft also expressed its opinion on the increasingly insane ransomware attack. Microsoft believes that victims should not pay the ransom anyway.
Here are a few suggestions from Microsoft:
1. Use an effective email filtering solution
2. Regular hardware and software systems patching and effective vulnerability management
3. Use up-to-date antivirus and an endpoint detection and response (EDR) solution
4. Separate administrative and privileged credentials from standard credentials
5. Implement an effective application whitelisting program
6. Regularly back up critical systems and files