| sidebar_position | 1 |
|---|
Ransomware is chalked up to be a complex threat to modern enterprises. So-called sophisticated attackers infiltrate and cripple networks indiscriminately. These attacks are often quickly followed by a scary blog post from big-name security vendors who explain why this particular ransomware event was more sinister dangerous than the last.
However ransomware operators barely ever use sophisticated tactics because they just don't need to. Common misconfigurations, bad patching and poor IT hygiene provide plenty attack surface for them to be consistently successful. The bad guys enjoy using premade Python code straight from Github breach edge of network appliances or simply log into a target network via an unsecured VPN or an exposed RDP port.
PreventRansomware intends to provide system administrators with free, no thrills, understandable advice for preventing these types of attacks with the technology you most likely already own.
Throughout the documentation laid out in the following pages you may find yourself wondering why we offer seemingly basic advice like "get a good EDR rolled out throughly". This advice is here because getting the fundamental controls, concepts and security culture right will enable you to categorically fend off the majority of today's ransomware attacks.