{"id":429,"date":"2025-06-17T13:32:47","date_gmt":"2025-06-17T12:32:47","guid":{"rendered":"https:\/\/harrisonjonesit.co.uk\/?p=429"},"modified":"2025-06-18T13:56:12","modified_gmt":"2025-06-18T12:56:12","slug":"elementor-429","status":"publish","type":"post","link":"https:\/\/harrisonjonesit.co.uk\/?p=429","title":{"rendered":"3 Ways To Defend Against Ransomware"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"429\" class=\"elementor elementor-429\">\n\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6722126 e-flex e-con-boxed e-con e-parent\" data-id=\"6722126\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-c0d5b63 elementor-widget elementor-widget-heading\" data-id=\"c0d5b63\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.18.0 - 20-12-2023 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">Ransomware - 3 ways to defend against the biggest threat facing IT departments today<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-9401b33 e-flex e-con-boxed e-con e-parent\" data-id=\"9401b33\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-72a4e9f elementor-widget elementor-widget-text-editor\" data-id=\"72a4e9f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.18.0 - 20-12-2023 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p data-start=\"212\" data-end=\"588\">Lately, we\u2019ve seen headlines about major companies losing millions to ransomware, suffering data breaches, and experiencing stock crashes after their systems were compromised. In many cases, a ransom is publicly demanded in exchange for the return of stolen assets and data. It\u2019s becoming clear that no one is safe \u2014 from small contractors to giants like M&amp;S and even the NHS.<\/p><p data-start=\"590\" data-end=\"1022\">In this article, we\u2019ll explore a few practical steps we can take to reduce the risk of becoming the next cybersecurity horror story. While no system is 100% secure, it\u2019s essential to have an incident response plan, disaster recovery plan, and business continuity strategy in place in case the worst happens. 
That\u2019s why appointing a strong information security delegate (or team) is critical regardless of your organization\u2019s size.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-6340816 e-flex e-con-boxed e-con e-parent\" data-id=\"6340816\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-dce597a elementor-widget elementor-widget-heading\" data-id=\"dce597a\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">1. Controlled Folder Access<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-9ebd3ae e-flex e-con-boxed e-con e-parent\" data-id=\"9ebd3ae\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-6c162e8 elementor-widget elementor-widget-text-editor\" data-id=\"6c162e8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p data-start=\"180\" data-end=\"508\">Controlled Folder Access is a security feature in Windows Defender that protects sensitive folders by blocking unauthorized applications from making changes to them. 
It effectively creates a barrier around key directories like <strong data-start=\"407\" data-end=\"420\">Documents<\/strong>, <strong data-start=\"422\" data-end=\"434\">Pictures<\/strong>, and <strong data-start=\"440\" data-end=\"451\">Desktop<\/strong>, allowing only trusted apps to write to those locations.<\/p><p data-start=\"510\" data-end=\"894\">In today\u2019s threat landscape, it is essential to enable this feature on all servers hosting critical data and, if possible, on all user endpoints as well. However, care must be taken to ensure that legitimate applications are not unintentionally blocked. Any necessary exceptions can be configured through <strong data-start=\"817\" data-end=\"837\">Microsoft Intune<\/strong> or locally within the Controlled Folder Access settings.<\/p><p><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-bc2926e e-flex e-con-boxed e-con e-parent\" data-id=\"bc2926e\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-4ba564d elementor-widget elementor-widget-heading\" data-id=\"4ba564d\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">2. 
User Education\/Testing<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-4381c04 e-flex e-con-boxed e-con e-parent\" data-id=\"4381c04\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-bfe456b elementor-widget elementor-widget-text-editor\" data-id=\"bfe456b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p data-start=\"246\" data-end=\"507\">The most common cause of data loss and cyberattacks is user error. No matter what technical controls are in place, if an attacker can trick a user into revealing confidential information, those controls may be bypassed entirely and the damage is already done.<\/p><p data-start=\"509\" data-end=\"1031\">The most effective way to address this is through regular user education. I\u2019ve found that providing training on phishing and social engineering in <strong data-start=\"656\" data-end=\"677\">bite-sized chunks<\/strong> helps keep users engaged and aware. In smaller companies with limited budgets, this could be something as simple as homemade PowerPoint slides or curated YouTube videos. For larger organizations, I recommend using a provider like <strong data-start=\"908\" data-end=\"920\">BoxPhish<\/strong>, which delivers regular micro-courses to educate users on the latest techniques and threats used by attackers.<\/p><p data-start=\"1033\" data-end=\"1440\">Another highly effective strategy is <strong data-start=\"1070\" data-end=\"1094\">phishing simulations<\/strong>: sending mock phishing emails to employees. If a user clicks a fake link, the system logs the action and follows up with targeted training or warnings. 
This helps identify high-risk users and encourages everyone to be more cautious, even paranoid, about interacting with suspicious content, ultimately fostering a safer working environment.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-a6844d7 e-flex e-con-boxed e-con e-parent\" data-id=\"a6844d7\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-aa12cb1 elementor-widget elementor-widget-heading\" data-id=\"aa12cb1\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">3. Regular Backups Of All Precious Data<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-197cb30 e-flex e-con-boxed e-con e-parent\" data-id=\"197cb30\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-cb556f1 elementor-widget elementor-widget-text-editor\" data-id=\"cb556f1\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p data-start=\"230\" data-end=\"547\">This one may seem old-fashioned and self-explanatory, but it&#8217;s critical to stay on top of backup procedures. 
Organizations should have well-defined processes in place for performing both <strong data-start=\"417\" data-end=\"449\">full and incremental backups<\/strong> in on-premises environments, as well as ensuring <strong data-start=\"499\" data-end=\"522\">cloud-based backups<\/strong> are properly configured.<\/p><p data-start=\"549\" data-end=\"888\">The reason backups are so important is that when attackers gain access to your systems, they typically <strong data-start=\"652\" data-end=\"673\">encrypt your data<\/strong>, rendering it unreadable and demanding a ransom to restore access. With reliable backups, you retain access to <strong data-start=\"785\" data-end=\"819\">previous, unencrypted versions<\/strong> of your data, which allows you to recover without paying the ransom.<\/p><p data-start=\"890\" data-end=\"1252\">It\u2019s also essential to establish clear <strong data-start=\"929\" data-end=\"963\">Recovery Time Objectives (RTO)<\/strong>, how long it will take to restore operations, and <strong data-start=\"1016\" data-end=\"1051\">Recovery Point Objectives (RPO)<\/strong>, how far back the backups go and how much data may be lost. 
Understanding these metrics ensures your business is prepared to respond effectively and minimize disruption in the event of a cyberattack.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-64d1737 e-flex e-con-boxed e-con e-parent\" data-id=\"64d1737\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-bacb220 elementor-widget elementor-widget-heading\" data-id=\"bacb220\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Conclusion - Defense-In-Depth<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-73465d1 e-flex e-con-boxed e-con e-parent\" data-id=\"73465d1\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-1689ba6 elementor-widget elementor-widget-text-editor\" data-id=\"1689ba6\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p data-start=\"198\" data-end=\"516\">The key to defending against ransomware attacks is implementing <strong data-start=\"262\" data-end=\"292\">multiple layers of defense<\/strong> to reduce your attack surface and minimize potential damage. 
At the same time, it&#8217;s crucial to continuously adapt and innovate your defensive strategies \u2014 it\u2019s an ongoing game of cat and mouse against ever-evolving threats.<\/p><p data-start=\"518\" data-end=\"1072\">While there are many more technical and managerial considerations beyond what I\u2019ve covered here, this article should serve as a solid starting point. Most importantly, make sure you have a detailed plan for recovering <strong data-start=\"736\" data-end=\"778\">every critical service and application<\/strong> in your business if the worst happens. These plans should be tested regularly to ensure they\u2019re effective. You can even create a home lab environment to practice or look online for real-world examples of <strong data-start=\"983\" data-end=\"1009\">Disaster Recovery (DR)<\/strong> and <strong data-start=\"1014\" data-end=\"1042\">Business Continuity (BC)<\/strong> plans to help guide your own.<\/p><p data-start=\"518\" data-end=\"1072\">This article was written without the use of any LLM or GPT model \u2014 it\u2019s simply advice based on my experience working in a SecOps\u00a0team over the past few years.<\/p><p data-start=\"518\" data-end=\"1072\"><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Ransomware &#8211; 3 ways to defend against the biggest threat facing IT departments today Lately, we\u2019ve seen headlines about major companies losing millions to ransomware, suffering data breaches, and experiencing stock crashes after their systems were compromised. 
In many cases, a ransom is publicly demanded in exchange for the return [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/429"}],"collection":[{"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=429"}],"version-history":[{"count":41,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/429\/revisions"}],"predecessor-version":[{"id":482,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/429\/revisions\/482"}],"wp:attachment":[{"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=429"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=429"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=429"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}