There are several best practices organizations should implement to minimize the impact of wiper malware. Using inline sandboxing is an excellent starting point to protect against ransomware and wiper malware. As a result, only benign files will be delivered to your endpoints. Another important countermeasure is to have backups available. However, malware often actively searches for backups on the machine (such as Windows Shadow Copy) or the network to destroy. Therefore, backups must be stored off-site and offline to survive sophisticated attacks. Proper network segmentation is also helpful—if an attack occurs, segmentation can help contain an incident to just one part of the network. Have disaster recovery and incident response plans in place, as those preparedness efforts often make the difference between successfully averting data loss and complete data destruction
