RANSOMWARE Countermeasures
Measures that can be taken before an attack and the correct response during an attack.
An attack does not wait for those who wait
Ransomware is malicious software that blocks access by encrypting a system and promises to restore access in exchange for a ransom. In Turkey, over the past 2 years, 34% of corporate attacks have fallen into this category.
7 Essential Measures
- Regular backups · the 3 · 2 · 1 rule (3 copies · 2 different media · 1 offline)
- Patch management · critical CVEs should be closed within 72 hours
- EDR/XDR solution · behavioral anomaly detection is essential
- MFA · mandatory for RDP · VPN and admin panels
- Staff awareness · phishing simulations
- Network segmentation · make lateral movement difficult
- Incident response plan · run drills
During an attack
- Immediately disconnect affected systems from the network
- DO NOT pay (the FBI and Europol agree on this)
- Do not delete the ransom note
- Contact DSET: containment + forensics + recovery
Contact: +90 536 662 38 09
Sistem Girişi
Kimliğinizi doğrulayın
Yetkilendirilmiş erişim alanı. Tüm giriş denemeleri kayıt altına alınır.