Printed from

Federal agency offers ransomware protection tips

Posted On: May. 13, 2021 12:13 PM CST


Always use antivirus software, keep all computers fully patched with security updates, and use security products or services that block access to known ransomware sites on the internet, says the National Institute of Standards and Technology, in advice issued Thursday on protecting against ransomware attacks.

Other advice includes to configure operating systems or use third-party software to allow only authorized applications to run on computers, which prevents ransomware from working, said the Gaithersburg, Maryland-based NIST, which is part of the U.S. Department of Commerce.

NIST also recommends restricting or prohibiting personally owned devices on organizations’ networks for telework or remote access unless extra steps are taken to assure security.

Organizations should use standard user accounts instead of those with administrative privileges whenever possible, NIST said, and personnel should avoid using personal applications and websites as well as opening files or clicking on links from unknown sources.

To prepare for the possibility of a ransomware attack, NIST recommends developing and implementing an incident recovery plan; implementing and testing a data backup and restoration strategy; and maintaining an up-to-date list of internal and external contacts that includes law enforcement.

Experts have said that small and medium-sized organizations that fail to take adequate security measures are particular targets of ransomware criminals.

Colonial Pipeline has paid nearly $5 million to hackers after a crippling cyberattack that shut the largest fuel pipeline network in the United States, according to a report.