An attack does not wait for those who wait

Ransomware is malicious software that blocks access by encrypting a system and promises to restore access in exchange for a ransom. In Turkey, over the past 2 years, 34% of corporate attacks have fallen into this category.

7 Essential Measures

  1. Regular backups · the 3 · 2 · 1 rule (3 copies · 2 different media · 1 offline)
  2. Patch management · critical CVEs should be closed within 72 hours
  3. EDR/XDR solution · behavioral anomaly detection is essential
  4. MFA · mandatory for RDP · VPN and admin panels
  5. Staff awareness · phishing simulations
  6. Network segmentation · make lateral movement difficult
  7. Incident response plan · run drills

During an attack

  • Immediately disconnect affected systems from the network
  • DO NOT pay (the FBI and Europol agree on this)
  • Do not delete the ransom note
  • Contact DSET: containment + forensics + recovery

Contact: +90 536 662 38 09