In any cybersecurity strategy, accounting for human error is essential. By some estimates, phishing attacks—in which a bad actor attempts to elicit personal information from a target using deception—account for roughly 90% of business security breaches. With the volume and sophistication of...
Firewall best practices to protect against ransomware
Ransomware has recently vaulted to the top of the news again, as devastating attacks continue to impact government, education and business operations in many jurisdictions, particularly in the United States.
These attacks start in a number of ways – some start with a phishing email, others begin with hackers leveraging vulnerabilities in networking stacks to gain a foothold and move quickly to other systems on the network. The most famous network vulnerability exploited in a ransomware attack was EternalBluea couple of years ago. But since then, new vulnerabilities like BlueKeep have been discovered (and patches made available), but there are still many networks out there that are vulnerable.
Unfortunately, many of these network stack vulnerabilities are ‘wormable’ which means that hackers and malware can exploit these holes in an automated method with no user interaction, enabling the infection to spread quickly and easily to a wide group of systems.
Of course, deploying an industry leading anti-ransomware endpoint protection product like Sophos Intercept X, and maintaining a strict patch management strategy are top best practices. But there are also other best practices you should consider to help keep ransomware, hackers, and attacks off your network in the first place.
Your firewall provides essential protection against exploits like EternalBlue and BlueKeep by closing up or protecting vulnerable ports, as well as blocking attacks using an Intrusion Prevention System (IPS). IPS looks at network traffic for vulnerabilities, and exploits and blocks any attempt for attackers to get through your network perimeter or even cross boundaries or segments within your internal network.
While we have a full guide on how to protect your network, here are the essential firewall best practices to prevent ransomware attacks from getting into and moving laterally on your network:
- Reduce the surface area of attack: Review and revisit all port-forwarding rules to eliminate any non-essential open ports. Where possible use VPN to access resources on the internal network from outside rather than port-forwarding. Specifically for RDP, ensure port 3389 is not open on your firewall.
- Apply IPS protection: Apply suitable IPS protection to the rules governing traffic to/from any Windows hosts on your network.
- Minimize the risk of lateral movement: Use XG Firewall and Synchronized Security to protect against threats moving laterally on your network and consider segmenting your LANs into smaller subnets, assigning those to separate zones that are secured by the firewall. Apply suitable IPS policies to rules governing the traffic traversing these zones to prevent worms and bots from spreading between LAN segments.
Download the guide to learn more.
More General News Posts
How can organizations foster a workplace environment that enables employees to acquire the skills needed to keep cyber-threats at bay?Read now
In an increasingly complex and interconnected digital landscape, personal cybersecurity empowers you to protect your data, privacy and digital well-beingRead now
Original price $318.00 - Original price $318.00Original price$318.00$318.00 - $318.00Current price $318.00
The Ruijie Reyee RG-RAP6262(G) Wi-Fi 6 Outdoor Omnidirectional Access Point is a high-power outdoor omnidirectional dual-band access point provided...View full detailsOriginal price $318.00 - Original price $318.00Original price$318.00$318.00 - $318.00Current price $318.00
Original price $196.30 - Original price $196.30Original price$196.30$196.30 - $196.30Current price $196.30
Please note:- No PoE Injector Included- Due to chip supply shortages, the U6 AP's LED has been limited to only white and blue colour modes. The A...View full detailsOriginal price $196.30 - Original price $196.30Original price$196.30$196.30 - $196.30Current price $196.30
Original price $0.00 - Original price $888.08Original price $0.00$167.63 - $888.08$167.63 - $888.08Current price $167.63
The Access Point AC Mesh (UAP AC Mesh) is a high-performance, outdoor-ready, dual-band, 802.11ac WiFi access point than can reach a 1.1+ Gbps aggre...View full detailsOriginal price $0.00 - Original price $888.08Original price $0.00$167.63 - $888.08$167.63 - $888.08Current price $167.63
Original price $209.00 - Original price $209.00Original price$209.00$209.00 - $209.00Current price $209.00
Ruijie Reyee RG-RAP2260(G) is a high-performance entry Wi-Fi 6 AP for large indoor areas. This product is an ideal choice for many wireless scenari...View full detailsOriginal price $209.00 - Original price $209.00Original price$209.00$209.00 - $209.00Current price $209.00
Original price $338.63 - Original price $338.63Original price $338.63$343.51$343.51 - $343.51Current price $343.51
Please note:- No PoE Injector Included- Due to chip supply shortages, the U6 AP's LED has been limited to only white and blue colour modes. The A...View full detailsOriginal price $338.63 - Original price $338.63Original price $338.63$343.51$343.51 - $343.51Current price $343.51