Stop the Spread of Ransomware

Asset 10

Stop the Spread of Ransomware

Posted on 22 June 2017 by Beaming Support

Ransomware is a type of malware that blocks access to users’ computer systems until a ransom is paid.

This is usually done by locking system screens and encrypting files, and spread via installation files that masquerade as updates. Find out steps you can take in advance to stop the spread of ransomware in the case of an attack.

By the time you’re panicking about how to stop the spread of ransomware, it may well be too late. The time you spend now checking that you have procedures and plans in place is time you’ll save getting your systems back up and running in the case of an attack.

Once a plan is in place, make sure to have a hard copy printed and securely stored. There’s no telling if this is a document that will become unavailable.

Use Group Policy to block specific known ransomware attacks from executing on users’ machines

Identify the users or machines to which you wish to apply the block and the group to which they belong. Then specify this block in your Group Policy as follows:

Computer Configuration – Policies – Windows Settings – Security Settings – Software Restriction Policies – Designated File Types

Now add the file type / latest ransomware file extension to the policy to help stop it from running in your environment. The file extension will differ from attack to attack.

Further reading from Microsoft is available here.

Layered Security and Permissions Structure

No single user should have write access to every folder or document within a shared drive. Should a particular user become a victim of a ransomware attack, everything they have access to is at risk. You should make a point of conducting a regular review, auditing and documenting each user’s access to each folder.

Create and review your file structure to take into account the effects of ransomware spreading through documents available to any particular user. This will help speed up recovery and identification of affected files.  If you know that user A only has access to certain folders this information can be used to help contain the spread and quickly identify what to restore.

Asset 33

We don't just see compliance as a box-ticking exercise

We can help you thrive by ensuring your company complies with industry regulation.
Find out more

Subscribe to the UK Cyber Threat Report

We track emerging cyber security threats and publish our findings in our quarterly cyber threat report, along with expert advice on protecting your business.

  • This field is for validation purposes and should be left unchanged.
Information Security
Asset 10

Cybersecurity Resource Hub

14/02/24 Support team
Read more
Information Security
Asset 12

How to set up O365 MFA on a new mobile device

31/10/23 Support team
Read more
Email & Hosting
Asset 9

What are the benefits of working with a Managed Services Provider?

25/08/23
Read more
Servers & Applications
Asset 24

What are the benefits of using a data centre?

25/08/23
Read more
Email & Hosting
mouse pointer

Why does my business need a domain name?

25/08/23
Read more
Information Security
Asset 12

Can I still use 2FA if my phone is lost or stolen?

What happens if you don’t have access to your phone, but you need it to verify your log in attempt?

26/06/23 Support team
Read more

Improving your business’s cyber security

  • This field is for validation purposes and should be left unchanged.