Ransomware is back in the news. Yet again, massive and not-so-massive corporate enterprises find themselves at risk of having their computer systems and records held hostage to internet raiders. And, in an added twist, this time systems are not necessarily unlocked even after the ransom is paid.
What can you do? The key is advance preventative measures. Over at Fox Rothschild’s Privacy Compliance and Data Security blog, we follow these issues regularly. There, we have noted that the United States Computer Emergency Readiness Team at the Department of Homeland Security has provided several recommendations for preventative measures individuals and organizations can take against ransomware attacks, including the following:
- Have a data backup and recovery plan which can be tested regularly for all critical information;
- Backups should be kept on separate storage devices;
- Allow only specified programs to run on computers and web servers to prevent unapproved programs from running (known as application whitelisting);
- Make use of patches to keep software and operating systems current with the latest updates;
- Maintain current anti-virus software and scan all downloaded software from the internet prior to executing;
- The “Least Privilege” principle should prevail – restrict users’ access to unnecessary software, systems, applications, and networks through the usage of permissions;
- Preclude enabling macros from email attachments. Enabling macros allows embedded code to execute malware on the device. Organizations should have blocking software to cut off email messages with suspicious attachments; and last, but certainly not least,
- Do Not Click on unsolicited Web links in emails.
As usual, you should always report hacking or fraud incidents to the FBI’s Internet Crime Complaint Center (IC3).
In the case of the current attack, one of the ways it seems to be spreading is through the use of auto-updating software for an accountancy program. This method of transmission points out the critical importance of turning off “auto-update” self-executing software and scanning every download prior to installation.