Ransomware | Notion

Steps to Help Prevent & Limit the Impact of Ransomware

Use strong and unique passwords on user accounts that cannot be easily breached. Weak passwords like Admin, admin@123, user, 123456, password, Pass@123, etc., can be easily brute-forced in the first few attempts itself.
Configure password protection for your security software. This would prevent any unauthorized users from accessing the system from disabling or uninstalling it. Quick Heal users can enable this feature from the Settings => Password Protection.
Disable the Administrator account and use a different account name for administrative activities. Most brute-force attempts are done on an Administrator user account as it is present by default. Also, remove any other unused or guest accounts if configured on the system.
Change the default RDP port from the default‘3389’.. Most attacks of such type focus on targeting port 3389 of RDP.
Enable Network Level Authentication (NLA) feature in your RDP settings available in Windows Vista and later OS. Ref: https://technet.microsoft.com/en-us/library/cc732713.aspx
Configuring Account Lockout Policies that automatically lock the account after a specific number of failed attempts. This feature is available in Windows and the threshold can be customized as per the administrator. Ref: https://technet.microsoft.com/en-us/library/dd277400..aspx
Route the RDP traffic only through the Hardware Firewall with highly secured traffic rules to allow only trustworthy connections.
Kindly do not open any mail attachments or read emails from unknown people.
Kindly do not visit any unknown link provided in the mail by unknown people.
Do not allow outside pen drive in your network and scan the authorized pen drive before accessing it.