Few best practices to prevent Malware, Ransomware and Virus:
For Individuals:
1. Keep System Upto Date: Always Ensure, that Operating System applications and security solution has been updated with the latest patches. As per the reports, 80% of data breaches could have been avoided by installing patches and upgrades in real time basis.
2. Regular Backup’s — Perform backup of systems regularly. To prevent the data loss/ impact due to ransom-ware attacks, take regular backup of data on a separate physical medium
3. Double check Who’s it — Attachments in unsolicited emails even should not be opened. Always, pay close attention to the web address which may appear to be identical to legitimate websites. These phishing websites can re-direct you to a fake website in control of fraudsters, they can harvest your account credentials or make you download malwares onto your devices.
4. Don’t trust USB’s — Never use any un-familiar storage devices, also make sure to scan any storage device before opening its content.
5. Only Trusted Software — Always download software’s /utilities from trusted sites only but not from unsecured/third-party websites, because they may contain malwares which can compromise your device/data.
6. Be mindful on Social Media — Never provide too much personal information on any open social media platforms. By social engineering, attackers can get required information from your different social media profiles and can try cracking your security questions or use the information.
For Organizations:
1. Email Validations — Establish SPF (Sender Policy Framework Establish Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC) and Domain Keys Identified Mail (DKIM) for the organization domain for email validation to prevent spam and detecting spoofing.
2. Powershell — Restrict the execution of power shell / WSCRIPT and ensure latest version of power shell with enhanced logging.
3. Attachment Restrictions: Block the attachments of file types exe, bat, reg, cer, pst, cmd, hlp, pif, tmp, url, vb, vbe, scr, com, dil, dat, hta, js, wsf.
4. Training: Make cyber security awareness trainings are mandatory to personnel and regularly test them with phishing assessments by simulating real world phishing emails.
5. Latest Patches: Always ensure your Operating System, applications and security solutions have been updated with the latest patches which can have latest virus/malware definitions.
6. Remote Access: Disable remote desktop connections and do not have any drives/folders shared.
Disclaimer : There are many other Tools/measures, these are few key common measures one can consider.
