RANSOMWARE threat recommendations

The National Cyber Security Authority, in collaboration with NAKIT and the AFCEA Cyber Security Working Group, of which we are a member, has issued Recommendations for mitigating, preventing and responding to the threat of ransomware. This document does not replace any law or implementing legislation. It is intended for companies, organizations and institutions as a guide on how to proceed, how to protect yourself and how to prevent a ransomware attack.

Key steps to secure networks against ransomware include:

• Update the operating system, programs and applications.
• Block services open to the public network - except for the most necessary ones. Secure these sufficiently.
• Restrict access to administrative accounts.
• Set the obligation to use strong and secure passwords through security policies.
• Segment the organization's network according to security options and needs.
• Store network logs on an independent server outside the corporate network.
• Create secure backups and test their use.
• Raise user awareness of the ransomware threat and its vectors.

You can find more information and recommendations on individual preventive steps in this document (in Czech).