Ransomware: Prevent Your Networks From Being Held Hostage [Blog Post]
April 12, 2016 - By: SC&H Group
In the following blog post, SC&H Group’s IT Advisory Services team provides tips for countering the rise of ransomware, a new type of malicious threat that is impacting businesses, government agencies, healthcare organizations, and individuals.
Today’s hackers have become incredibly sophisticated — to the point where they actually hold computer systems hostage and demand a ransom.
The latest trend, called ransomware, involves hackers installing malware that restricts access to the infected computer system. From there, cyber criminals demand that the victim pay a ransom to the malware operators to remove the actual restriction.
The threat has become so serious that the U.S. and Canadian governments have issued a rare joint cyber alert warning about the surge in ransomware attacks. The cyber alert came about as a result of the recent attack that paralyzed MedStar Health’s computer systems.
While ransomware typically targets individuals, the MedStar attack shows how hackers are getting bolder in their efforts to target businesses, local government agencies, hospitals, and other commercial enterprises.
The ransomware scheme works by delivering an attachment via email that typically masquerades as an official software update. The user then opens the attachment, which launches the threat.
In another example, Plainfield, New Jersey, a town of roughly 50,000 people, also fell victim to a ransomware attack within the past month. One employee clicked on an infected link, and now hijackers are holding files ransom. The town is still working to get its files back, which date back approximately 10 years.
You can combat this threat by ensuring that daily anti-virus updates are installed on every laptop and server, and are actively scanned for infections. Our IT Advisory Services team has also provided additional tips below to proactively prevent – or actively deal with – ransomware:
- Stop the “Willingness to Click” Phenomenon: Most people have a natural willingness to click on the links or open attachments received in their inboxes. Educate your employees to “think before clicking,” and cautiously consider the ramifications of opening unrequested email attachments or links.
- Trusted Software Updates: Make sure that software updates are delivered from vendors or internal IT staff using agents that run on your employees’ computers – not through email.
- Be Mindful of File Permissions: Be sure to limit file-permission access as much as possible. This permissioning ensures files can’t be rewritten by lower-level employees – or by malware that is working – through those employees’ level of access.
- Vet Your Cloud Provider: Make sure you understand how your cloud provider can protect your data and recover it in case of a malicious attack. For example, DropBox makes it possible to bounce back from encryption losses by allowing users to restore previous versions of files.
- Consistently Back Up Data: Make sure you have sound backup processes, which will help recover much of the data encrypted by the attackers. Companies performing backups on-premise should make sure they can properly recover and retain historical data.
In today’s digital world, hackers are vigilant enough to stay one-step-ahead of any organization’s sophisticated IT security efforts. The SC&H Group IT Advisory Services team is advocating for you to remain alert, be aware of all suspicious web activity, and take the right steps to mitigate a potential attack.
Interested in strengthening your IT security, and learning how to prevent a ransomware attack? Contact Jeff Bathurst, Director of SC&H Group’s IT Advisory Services practice here.