On Mon, 14 Jun 2021 at 15:44, gvim via GLLUG <gllug@mailman.lug.org.uk> wrote: > > With ransomeware becoming a threat to both small and large businesses I'm > inclined to advise small businesses to change their router as a first line of > defence. What is currently the best NIX-based router/software? pfSense? >
The first and most important defense against Ransomware is not a firewall. The first thing to consider is how to recover after falling victim. If you can recover from a Ransomware attack without needing to pay ransom, you have defeated it. The main risk of a Ransomware attack is that they have managed to encrypt both your data and the backups of all the data. So, the best defense is using a backup system that cannot be attacked by a Ransomware attack. This is normally some sort to write once, store offsite backup, so the Ransomware attacker cannot delete or encrypt the backups. Once you have that protection, the next step is to look at ways to limit the disruption. This normally involves adding monitoring tools so that you are more likely to detect a malicious actor within your network. The final step is to try and prevent the attack in the first place. The problem with this final step is that there are always new zero day attacks, so whatever you come up with here is never 100% protection. That is another reason why the other steps above are more effective and more important to do . Kind Regards James Kind Regards James -- GLLUG mailing list GLLUG@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/gllug