Arming SMB's Against Ransomware Attacks

Ransomware has become one of the most serious cyber threats to small and medium businesses today. A recent variant permanently deletes files within one hour of infection. The situation grows increasingly dire: the FBI even encourages victims to make payment, though there is still no guarantee that owners will recover their data (ICIT Fellows, 2016). Despite such threats, small and medium enterprises can follow recommended best practices to mitigate this risk. Businesses with tighter budgets and fewer security team members can adopt many of the protections available to the largest enterprises. The most important recommendation is the use of application whitelisting. In Windows environments, this can be accomplished through free tools within Active Directory. Other options will also be discussed, as well as a brief discussion of the future of ransomware.