Always use antivirus software, keep all computers completely up to date with security updates, and use security products or services that block access to known Internet ransomware sites, said the National Institute of Standards and Technology, in an advice issued Thursday on protection against ransomware attacks .
Other advice includes configuring operating systems or using third-party software to allow only authorized applications to run on computers, preventing ransomware from working, says Gaithersburg, Maryland-based NIST, which is part of the United States. Ministry of Trade.
NIST also recommends restricting or banning personally owned devices in the organization's network for teleworking or remote access unless additional measures are taken to ensure security.
Organizations should use standard user accounts instead of those with administrative privileges at any time. possible, said NIST, and staff should avoid using personal applications and websites that we ll like to open files or click on links from unknown sources.
To prepare for the possibility of a ransomware attack, NIST recommends developing and implementing an event recovery plan; implement and test a backup and restore strategy; and maintain an up-to-date list of internal and external contacts that include law enforcement.
Experts have said that small and medium-sized organizations that do not take adequate security measures are specific targets for ransomware criminals.
Colonial Pipeline has paid nearly $ 5 million to hackers following a crippling cyberattack that shuts down the largest fuel pipeline network in the United States, according to a report.