To protect against ransomware attacks, organizations should:
• Regularly back up data, air gap, and password protect backup copies offline.
• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
• Implement network segmentation.
• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location
• Install updates/patch operating systems, software, and firmware as soon as practical after they are released.
• Implement monitoring of security events on employee workstations and servers, with a 24/7 Security Operations Center to detect threats and respond quickly.
• Use multifactor authentication where possible.
• Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes.
• Avoid reusing passwords for multiple accounts.
• Focus on cyber security awareness and training.
• Regularly provide users with training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities.
https://thehackernews.com/2022/12/new-agenda-ransomware-variant-written.html
