Swiss National Life

Keep you company protected from cyber crime

Malware & Cyber Extortion

1. Deploy Next-Gen Antivirus & Endpoint Detection Response (EDR) Solutions

  • Use AI-powered antivirus and EDR tools to detect and block malware.
  • Implement behavior-based threat detection to identify malicious activity.
  • Ensure automatic malware removal and system isolation upon detection.
  • Regularly update security definitions to prevent new malware variants.

2. Enforce Strict Access Controls & Multi-Factor Authentication (MFA)

  • Follow the Principle of Least Privilege (PoLP) to restrict user access.
  • Require MFA for accessing sensitive systems, databases, and cloud services.
  • Implement role-based access control (RBAC) to limit administrative privileges.
  • Audit and revoke access for inactive or unauthorized accounts regularly.

3. Implement Network Segmentation & Zero Trust Architecture

  • Separate critical business systems from user workstations to minimize risk.
  • Restrict communication between different network zones to prevent malware spread.
  • Apply Zero Trust principles (continuous verification and least-privilege access).
  • Use firewalls, IDS/IPS, and VPNs to secure internal communications.

4. Regular Patch Management & Software Updates

  • Apply security patches for operating systems, applications, and firmware promptly.
  • Use automated patch management tools to ensure all endpoints are updated.
  • Remove unsupported or outdated software to reduce attack surfaces.
  • Regularly scan for vulnerable software components and plugins.

5. Strengthen Email & Web Security Policies

  • Deploy email filtering solutions to block phishing and malware-laden emails.
  • Enable DMARC, SPF, and DKIM to prevent email spoofing and impersonation.
  • Block malicious websites and attachments using web filtering tools.
  • Train employees to identify phishing emails and report suspicious messages.

6. Implement Strong Data Backup & Disaster Recovery Strategies

  • Use the 3-2-1 backup rule (3 copies, 2 different media, 1 offsite).
  • Store offline, air-gapped, or immutable backups to protect against ransomware.
  • Test backup restoration regularly to ensure quick recovery.
  • Implement automated backup solutions to capture critical business data.

7. Deploy Advanced Threat Intelligence & Security Monitoring

  • Use SIEM (Security Information & Event Management) solutions for real-time monitoring.
  • Deploy threat intelligence feeds to stay updated on emerging malware threats.
  • Monitor network activity for unusual behaviors, such as data exfiltration.
  • Set up automatic alerts for unauthorized access attempts and privilege escalations.

8. Establish a Cyber Extortion & Ransomware Response Plan

  • Develop a Cyber Extortion Playbook to guide response teams.
  • Define legal and compliance protocols in case of a ransomware attack.
  • Work with law enforcement and cyber insurance providers before making ransom decisions.
  • Keep an offline copy of critical incident response procedures.

9. Conduct Employee Security Awareness Training

  • Educate employees on safe browsing, email security, and social engineering attacks.
  • Conduct regular phishing simulations to test employee awareness.
  • Require mandatory cybersecurity training for all staff.
  • Encourage a “report-first” culture to quickly identify potential threats.

10. Secure Cloud & Remote Work Environments

  • Require VPN access with encryption for remote employees.
  • Enforce cloud security policies such as MFA, access logging, and encryption.
  • Monitor cloud storage and SaaS applications for unauthorized access.
  • Restrict use of personal devices for work unless secured and monitored.