As ransomware attacks are hitting the news headlines, CIOs and CTOs are in a lookout for a permanent solution to curb such attacks on their IT infrastructure respectively. So, security analysts are suggesting the following firewall best practices to prevent file-encrypting malware attacks from infiltrating a network laterally. And they are as follows-
Cut down risks of lateral movement- Nowadays, threat monitoring solution providers are offering firewalls that can detect cyber threats moving laterally on a network on an automated note. They do so by segmenting the LAN into smaller subnets and then assign separate zones that help isolate those networks with a firewall. At the same time, the traffic communicating on these zones can be monitored for bugs and worms by applying IPS policies.
Keep a tab on Ports- Better to re-evaluate all port forwarding rules to eliminate any non-essential open ports. Also, it is better to use a VPN to access resources on the internal network from outside rather than port-forwarding. Network admins should specifically keep a check on RDPs and make sure that the 3389 is not open on Firewall.
IPS Protection is a must- For the traffic communication happening to and fro, better to apply a suitable Intrusion Prevention System which helps detect a cyber threat at an early stage and helps analyze and thwart/quarantine the packets on time. Remember, IPS has become an essential component of Network Security which even the network admins cannot overlook these days, unlike an Intrusion Detection System(IDS) which only used to help analyze network traffic for signatures that matched known cyber attacks.
Apart from having an efficient firewall, having regular data backups which can be ejected for data continuity when the need arises might help reduce the impact of a ransomware attack when hit by chance. Also better train business employees on never to click on phishing emails which can lead to ransomware or other malware-related infections. Keeping operating systems up-to-date with regular security patches is also super-essential.